| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
| CVE-2012-1518 | 17 Apr 201221:00 | – | cve | |
| CVE-2012-1518 | 17 Apr 201221:00 | – | cvelist | |
| EUVD-2012-1536 | 7 Oct 202500:30 | – | euvd | |
| VMware Fusion 4.x < 4.1.2 (VMSA-2012-0007) | 19 Apr 201200:00 | – | nessus | |
| ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check) | 13 Nov 201300:00 | – | nessus | |
| VMware Player Local Privilege Escalation (VMSA-2012-0007) | 19 Apr 201200:00 | – | nessus | |
| VMSA-2012-0007 : VMware hosted products and ESXi/ESX patches address privilege escalation | 13 Apr 201200:00 | – | nessus | |
| VMware ESX / ESXi Tools Folder Incorrect ACL Privilege Escalation (VMSA-2012-0007) (remote check) | 3 Mar 201600:00 | – | nessus | |
| VMware Products Local Privilege Escalation (VMSA-2012-0007) | 19 Apr 201200:00 | – | nessus | |
| CVE-2012-1518 | 17 Apr 201221:55 | – | nvd |
| Source | Link |
|---|---|
| vmware | www.vmware.com/security/advisories/VMSA-2012-0007.html |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.103466");
script_cve_id("CVE-2012-1518");
script_tag(name:"cvss_base", value:"8.3");
script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:C/I:C/A:C");
script_version("2026-04-28T06:28:06+0000");
script_name("VMware ESXi/ESX patches address privilege escalation (VMSA-2012-0007)");
script_tag(name:"last_modification", value:"2026-04-28 06:28:06 +0000 (Tue, 28 Apr 2026)");
script_tag(name:"creation_date", value:"2012-04-13 10:53:01 +0100 (Fri, 13 Apr 2012)");
script_category(ACT_GATHER_INFO);
script_family("VMware Local Security Checks");
script_copyright("Copyright (C) 2012 Greenbone AG");
script_dependencies("gb_vmware_esxi_init.nasl");
script_mandatory_keys("VMware/ESXi/LSC", "VMware/ESX/version");
script_xref(name:"URL", value:"http://www.vmware.com/security/advisories/VMSA-2012-0007.html");
script_tag(name:"solution", value:"Apply the missing patch(es).");
script_tag(name:"vuldetect", value:"Checks if the target host is missing one or more patch(es).");
script_tag(name:"summary", value:"The remote ESXi is missing one or more security related Updates from VMSA-2012-0007.");
script_tag(name:"affected", value:"ESXi 5.0 without patch ESXi500-201203102-SG
ESXi 4.1 without patch ESXi410-201201402-BG
ESXi 4.0 without patch ESXi400-201203402-BG
ESXi 3.5 without patch ESXe350-201203402-T-BG
ESX 4.1 without patch ESX410-201201401-SG
ESX 4.0 without patch ESX400-201203401-SG
ESX 3.5 without patch ESX350-201203402-BG");
script_tag(name:"insight", value:"VMware hosted products and ESXi/ESX patches address privilege escalation.
a. VMware Tools Incorrect Folder Permissions Privilege Escalation
The access control list of the VMware Tools folder is incorrectly set.
Exploitation of this issue may lead to local privilege escalation on
Windows-based Guest Operating Systems.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("vmware_esx.inc");
include("version_func.inc");
if(!get_kb_item("VMware/ESXi/LSC"))
exit(0);
if(!esxVersion = get_kb_item("VMware/ESX/version"))
exit(0);
patches = make_array("4.1.0", "ESXi410-201201402-BG",
"4.0.0", "ESXi400-201203402-BG",
"5.0.0", "VIB:tools-light:5.0.0-0.10.608089");
if(!patches[esxVersion])
exit(99);
if(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {
security_message(port:0, data:report);
exit(0);
}
exit(99);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation