Vulnerability Name:

CVE-2012-1518

Assigned:2012-04-17
Published:2012-04-17
Updated:2017-12-29
Summary:VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors.
CVSS v3 Severity:9.6 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:8.3 High (CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
8.3 High (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
References:Source: MITRE
Type: CNA
CVE-2012-1518

Source: OSVDB
Type: UNKNOWN
81163

Source: SECUNIA
Type: UNKNOWN
48782

Source: BID
Type: UNKNOWN
53006

Source: SECTRACK
Type: UNKNOWN
1026922

Source: SECTRACK
Type: UNKNOWN
1026923

Source: CONFIRM
Type: Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2012-0007.html

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:16745

Vulnerable Configuration:Configuration 1:
  • cpe:/a:vmware:workstation:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:8.0.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:vmware:player:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:player:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:player:4.0.2:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:vmware:fusion:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:fusion:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:fusion:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:fusion:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:fusion:4.1.1:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:vmware:esxi:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:3.5:1:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.0:1:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.0:2:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.0:3:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.0:4:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.1:1:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:4.1:2:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:5.0:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:vmware:esx:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esx:3.5:update1:*:*:*:*:*:*
  • OR cpe:/o:vmware:esx:3.5:update2:*:*:*:*:*:*
  • OR cpe:/o:vmware:esx:3.5:update3:*:*:*:*:*:*
  • OR cpe:/o:vmware:esx:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esx:4.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:20681
    V
    		VMware hosted products and ESXi/ESX patches address privilege escalation
    2014-01-20
    oval:org.mitre.oval:def:16745
    V
    		VMware hosted products address privilege escalation
    2013-07-29
    BACK
    vmware workstation 8.0
    vmware workstation 8.0.1
    vmware player 4.0
    vmware player 4.0.1
    vmware player 4.0.2
    vmware fusion 4.0
    vmware fusion 4.0.1
    vmware fusion 4.0.2
    vmware fusion 4.1
    vmware fusion 4.1.1
    vmware esxi 3.5
    vmware esxi 3.5 1
    vmware esxi 4.0
    vmware esxi 4.0 1
    vmware esxi 4.0 2
    vmware esxi 4.0 3
    vmware esxi 4.0 4
    vmware esxi 4.1
    vmware esxi 4.1 1
    vmware esxi 4.1 2
    vmware esxi 5.0
    vmware esx 3.5
    vmware esx 3.5 update1
    vmware esx 3.5 update2
    vmware esx 3.5 update3
    vmware esx 4.0
    vmware esx 4.1