Lucene search
HistoryNov 14, 2012 - 12:30 p.m.
CVE-2012-5458
CVSS2
8.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
25.1%
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
Affected configurations
Node
vmwareplayerMatch4.0
ORvmwareplayerMatch4.0.0.18997
ORvmwareplayerMatch4.0.1
ORvmwareplayerMatch4.0.2
ORvmwareplayerMatch4.0.3
ORvmwareplayerMatch4.0.4
ORvmwareworkstationMatch8.0
ORvmwareworkstationMatch8.0.0.18997
ORvmwareworkstationMatch8.0.1
ORvmwareworkstationMatch8.0.1.27038
ORvmwareworkstationMatch8.0.2
ORvmwareworkstationMatch8.0.3
ORvmwareworkstationMatch8.0.4
microsoftwindows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vmware | player | 4.0 | cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:* |
| vmware | player | 4.0.0.18997 | cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:* |
| vmware | player | 4.0.1 | cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:* |
| vmware | player | 4.0.2 | cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:* |
| vmware | player | 4.0.3 | cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:* |
| vmware | player | 4.0.4 | cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:* |
| vmware | workstation | 8.0 | cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:* |
| vmware | workstation | 8.0.0.18997 | cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:* |
| vmware | workstation | 8.0.1 | cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:* |
| vmware | workstation | 8.0.1.27038 | cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-5458
2012-11-14 11:00:00
prion
prion
Design/Logic Flaw
2012-11-14 12:30:00
cve
cve
CVE-2012-5458
2012-11-14 12:30:59
nessus
nessus
VMware Workstation 8.x < 8.0.5 Multiple Vulnerabilities (VMSA-2012-0015)
2012-11-28 00:00:00
VMware Player 4.x < 4.0.5 Multiple Vulnerabilities (VMSA-2012-0015)
2012-11-28 00:00:00
vmware
vmware
VMware Hosted Products and OVF Tool address security issues
2012-11-08 00:00:00
openvas
openvas
CVSS2
8.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
25.1%
Related for NVD:CVE-2012-5458