PRIOn knowledge basePRION:CVE-2012-1517

HistoryMay 04, 2012 - 4:55 p.m.

Design/Logic Flaw

2012-05-0416:55:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

64.1%

JSON

The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.

CPENameOperatorVersion
esxeq4.1
esxieq4.1

CPE	Name	Operator	Version
	esx	eq	4.1
	esxi	eq	4.1

References

osvdb.org/81692

www.securityfocus.com/bid/53369

www.securitytracker.com/id?1027018

www.vmware.com/security/advisories/VMSA-2012-0009.html

exchange.xforce.ibmcloud.com/vulnerabilities/75374

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17231

8.2 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

64.1%

JSON

Related for PRION:CVE-2012-1517