Lucene search

K

Ubuntu.comUB:CVE-2012-1666

HistorySep 08, 2012 - 12:00 a.m.

CVE-2012-1666

2012-09-0800:00:00

ubuntu.com

ubuntu.com

11

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.8%

Untrusted search path vulnerability in VMware Tools in VMware Workstation
before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2,
VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03
allows local users to gain privileges via a Trojan horse tpfc.dll file in
the current working directory.

Notes

Author	Note
sbeattie	windows only, attempts to open a dll

References

archives.neohapsis.com/archives/bugtraq/2012-09/0013.html

launchpad.net/bugs/cve/CVE-2012-1666

nvd.nist.gov/vuln/detail/CVE-2012-1666

security-tracker.debian.org/tracker/CVE-2012-1666

www.cve.org/CVERecord?id=CVE-2012-1666

www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.8%

Related for UB:CVE-2012-1666

openvas5 prion1 securityvulns2 cvelist1 packetstorm1 cve1 nessus1