CVE-2016-7461

CVE Database · CVE-2016-7461

CVE-2016-7461

· N/AModified

CVSS v3.1

N/A

EPSS

0.54%

Published

Dec 29, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.

Weaknesses (CWE)

CWE-119

Affected Products (27)

vmware · fusionvulnerable

vmware · fusion_provulnerable

· fusion_pro

References (6)

http://www.securityfocus.com/bid/94280

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037282

http://www.vmware.com/security/advisories/VMSA-2016-0019.html

MitigationVendor Advisory

http://www.securityfocus.com/bid/94280

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037282

http://www.vmware.com/security/advisories/VMSA-2016-0019.html

MitigationVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs