a. VMware Tools Display Driver Privilege Escalation
The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on Windows-based Guest Operating Systems.
VMware would like to thank Tarjei Mandt for reporting theses issues to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-1509 (XPDM buffer overrun), CVE-2012-1510 (WDDM buffer overrun) and CVE-2012-1508 (XPDM null pointer dereference) to these issues.
Note: CVE-2012-1509 doesnโt affect ESXi and ESX.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.