7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.059 Low
EPSS
Percentile
93.3%
a. VMware Tools Display Driver Privilege Escalation The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on Windows-based Guest Operating Systems. VMware would like to thank Tarjei Mandt for reporting theses issues to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-1509 (XPDM buffer overrun), CVE-2012-1510 (WDDM buffer overrun) and CVE-2012-1508 (XPDM null pointer dereference) to these issues. Note: CVE-2012-1509 doesnโt affect ESXi and ESX. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1508
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1510
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1512
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1513
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1514
www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html