Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5459

Overview

Vulnerability Score 7.9 7.9
CVE Id CVE-2012-5459
Last Modified 19 Nov 2012 11:50:48
Published 14 Nov 2012 07:30:59
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5459

Summary

Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder."

Vulnerable Systems

Application

  • Vmware Player 4.0

  • Vmware Player 4.0.0.18997

  • Vmware Player 4.0.1

  • Vmware Player 4.0.2

  • Vmware Player 4.0.3

  • Vmware Player 4.0.4

  • Vmware Workstation 8.0

  • Vmware Workstation 8.0.0.18997

  • Vmware Workstation 8.0.1

  • Vmware Workstation 8.0.1.27038

  • Vmware Workstation 8.0.2

  • Vmware Workstation 8.0.3

  • Vmware Workstation 8.0.4


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2012-0015.html

XF - workstation-dll-code-exec(79923)

BID - 56470

OSVDB - 87119

Related Patches

VMware VMSA-2013-0002 VMSA-2012-0015 VMware Workstation 8.0.5 for Windows (Update) (All Languages) (See Notes) (Rev 3)

VMware VMSA-2012-0015 VMware Player 4.0.5 for Windows (Update) (All Languages) (See Notes) (Rev 2)


Last Updated: 27 May 2016 10:58:27