← Volver a CVEs

CVE-2012-1516

CRITICAL

9.9

Descripcion

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.

Detalles CVE

Puntuacion CVSS v3.19.9

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado5/4/2012

Ultima modificacion4/11/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

vmware:esxvmware:esxi

Debilidades (CWE)

CWE-119

Referencias

http://www.securityfocus.com/bid/53369(cve@mitre.org)

http://www.securitytracker.com/id?1027018(cve@mitre.org)

http://www.vmware.com/security/advisories/VMSA-2012-0009.html(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/75373(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16810(cve@mitre.org)

http://www.securityfocus.com/bid/53369(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1027018(af854a3a-2127-422b-91ae-364da2661108)

http://www.vmware.com/security/advisories/VMSA-2012-0009.html(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/75373(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16810(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.