Lucene search

MitreCVE-2016-5328

HistoryDec 29, 2016 - 9:59 a.m.

CVE-2016-5328

2016-12-2909:59:00

CWE-200

CWE-254

mitre

web.nvd.nist.gov

vmware tools

os x

sip

kaslr

cve-2016-5328

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.

Affected configurations

Nvd

Node

vmwaretoolsRange≤10.0.8

vmwaretoolsMatch10.0.0

vmwaretoolsMatch10.0.5

vmwaretoolsMatch10.0.6

AND

applemac_os_x

Node

vmwaretoolsMatch9.0.0

vmwaretoolsMatch9.0.1

vmwaretoolsMatch9.0.5

vmwaretoolsMatch9.0.10

vmwaretoolsMatch9.0.11

vmwaretoolsMatch9.0.12

vmwaretoolsMatch9.0.13

vmwaretoolsMatch9.0.15

vmwaretoolsMatch9.0.16

vmwaretoolsMatch9.0.17

vmwaretoolsMatch9.4.0

vmwaretoolsMatch9.4.5

vmwaretoolsMatch9.4.10

vmwaretoolsMatch9.4.11

vmwaretoolsMatch9.4.12

vmwaretoolsMatch9.4.15

vmwaretoolsMatch9.10.0

vmwaretoolsMatch9.10.1

vmwaretoolsMatch9.10.5

AND

applemac_os_x

VendorProductVersionCPE
vmwaretools*cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*
vmwaretools10.0.0cpe:2.3:a:vmware:tools:10.0.0:*:*:*:*:*:*:*
vmwaretools10.0.5cpe:2.3:a:vmware:tools:10.0.5:*:*:*:*:*:*:*
vmwaretools10.0.6cpe:2.3:a:vmware:tools:10.0.6:*:*:*:*:*:*:*
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
vmwaretools9.0.0cpe:2.3:a:vmware:tools:9.0.0:*:*:*:*:*:*:*
vmwaretools9.0.1cpe:2.3:a:vmware:tools:9.0.1:*:*:*:*:*:*:*
vmwaretools9.0.5cpe:2.3:a:vmware:tools:9.0.5:*:*:*:*:*:*:*
vmwaretools9.0.10cpe:2.3:a:vmware:tools:9.0.10:*:*:*:*:*:*:*
vmwaretools9.0.11cpe:2.3:a:vmware:tools:9.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	tools	*	cpe:2.3:a:vmware:tools::::::::
vmware	tools	10.0.0	cpe:2.3:a:vmware:tools:10.0.0:::::::*
vmware	tools	10.0.5	cpe:2.3:a:vmware:tools:10.0.5:::::::*
vmware	tools	10.0.6	cpe:2.3:a:vmware:tools:10.0.6:::::::*
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
vmware	tools	9.0.0	cpe:2.3:a:vmware:tools:9.0.0:::::::*
vmware	tools	9.0.1	cpe:2.3:a:vmware:tools:9.0.1:::::::*
vmware	tools	9.0.5	cpe:2.3:a:vmware:tools:9.0.5:::::::*
vmware	tools	9.0.10	cpe:2.3:a:vmware:tools:9.0.10:::::::*
vmware	tools	9.0.11	cpe:2.3:a:vmware:tools:9.0.11:::::::*

Rows per page:

1-10 of 241

References

www.securityfocus.com/bid/93886

www.securitytracker.com/id/1037102

www.vmware.com/security/advisories/VMSA-2016-0017.html

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2016-5328