← Retour aux CVEs

CVE-2012-1516

CRITICAL

9.9

Description

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.

Details CVE

Score CVSS v3.19.9

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisLOW

Interaction utilisateurNONE

Publie5/4/2012

Derniere modification4/11/2025

Sourcenvd

Observations honeypot0

Produits affectes

vmware:esxvmware:esxi

Faiblesses (CWE)

CWE-119

References

http://www.securityfocus.com/bid/53369(cve@mitre.org)

http://www.securitytracker.com/id?1027018(cve@mitre.org)

http://www.vmware.com/security/advisories/VMSA-2012-0009.html(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/75373(cve@mitre.org)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16810(cve@mitre.org)

http://www.securityfocus.com/bid/53369(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id?1027018(af854a3a-2127-422b-91ae-364da2661108)

http://www.vmware.com/security/advisories/VMSA-2012-0009.html(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/75373(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16810(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.