Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4897

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-4897
Last Modified 07 Feb 2013 12:00:01
Published 05 Oct 2012 01:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4897

Summary

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.

Vulnerable Systems

Application

  • Vmware Movie Decoder 6.5.2

  • Vmware Movie Decoder 6.5.3

  • Vmware Movie Decoder 6.5.4

  • Vmware Movie Decoder 6.5.5

  • Vmware Movie Decoder 7.0

  • Vmware Movie Decoder 7.1.2


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2012-0014.html

XF - vmware-movie-code-execution(79046)

BID - 55802

BUGTRAQ - 20121010 VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

OSVDB - 85957


Last Updated: 27 May 2016 11:00:54