CVE-2012-1666

2012-09-0810:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2012-1666

vmware tools

vmware workstation

vmware player

vmware fusion

vmware view

vmware esx

nvd

privilege escalation

security vulnerability

6.3 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

15.1%

JSON

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.

CPENameOperatorVersion
vmware:workstationvmware workstationeq8.0.0.18997
vmware:workstationvmware workstationeq8.0.1
vmware:workstationvmware workstationle8.0.3
vmware:workstationvmware workstationeq8.0.2
vmware:workstationvmware workstationeq8.0.1.27038
vmware:workstationvmware workstationeq8.0
vmware:playervmware playereq4.0.1
vmware:playervmware playereq4.0.2
vmware:playervmware playereq4.0
vmware:playervmware playereq4.0.0.18997

CPE	Name	Operator	Version
vmware:workstation	vmware workstation	eq	8.0.0.18997
vmware:workstation	vmware workstation	eq	8.0.1
vmware:workstation	vmware workstation	le	8.0.3
vmware:workstation	vmware workstation	eq	8.0.2
vmware:workstation	vmware workstation	eq	8.0.1.27038
vmware:workstation	vmware workstation	eq	8.0
vmware:player	vmware player	eq	4.0.1
vmware:player	vmware player	eq	4.0.2
vmware:player	vmware player	eq	4.0
vmware:player	vmware player	eq	4.0.0.18997