CVE-2014-2384

CVE Database · CVE-2014-2384

CVE-2014-2384

· N/AModified

CVSS v3.1

N/A

EPSS

0.29%

Published

Apr 15, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."

Weaknesses (CWE)

CWE-399

Affected Products (2)

vmware · playervulnerable

vmware · workstationvulnerable

References (4)

http://seclists.org/fulldisclosure/2014/Apr/163

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/

http://seclists.org/fulldisclosure/2014/Apr/163

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/

KEV Catalog EPSS Scores Vendors All CVEs