VMWare published today advisory VMSA-2016-0019 affecting products VMware Workstation Pro / Player and VMware Fusion Pro / Fusion. The issue is located in the drag and drop feature, which is affected by an out-of-bounds memory access vulnerability.
We have not seen yet any active exploiting for this CVE. If you see something, please share it with us by our contact form.
More information at http://www.vmware.com/security/advisories/VMSA-2016-0019.html
Manuel Humberto Santander Pelaacuteez
Nov 14th 2016
8 months ago