| Vulnerability Name: | CVE-2012-1666 (CCN-78301) |
| Assigned: | 2012-09-04 |
| Published: | 2012-09-04 |
| Updated: | 2012-09-10 |
| Summary: | Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426 Untrusted Search Path'
|
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)| Exploitability Metrics: | Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Changed
| | Impact Metrics: | Confidentiality (C): High
Integrity (I): High
Availibility (A): High |
|
| CVSS v2 Severity: | 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.4 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | Gain Access |
| References: | Source: BUGTRAQ
Type: UNKNOWN
20120904 VMWare Tools susceptible to binary planting by hijack
Source: MITRE
Type: CNA
CVE-2012-1666
Source: CCN
Type: Packetstorm Security Website
VMWare Tools Binary Planting
Source: CCN
Type: BID-55421
ThinPrint 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution Vulnerability
Source: XF
Type: UNKNOWN
vmware-dll-code-exec(78301)
Source: CCN
Type: VMWare Web site
VMWare
Source: CONFIRM
Type: UNKNOWN
https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:vmware:workstation:8.0:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:*:*:*:*:*:*:*:* (Version <= 8.0.3)
Configuration 2:
cpe:/a:vmware:player:4.0:*:*:*:*:*:*:*OR cpe:/a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*OR cpe:/a:vmware:player:4.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:player:4.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:player:*:*:*:*:*:*:*:* (Version <= 4.0.3)
Configuration 3:
cpe:/a:vmware:fusion:4.0:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:4.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:4.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:4.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:*:*:*:*:*:*:*:* (Version <= 4.1.1)
Configuration 4:
cpe:/a:vmware:view:4.6.0:*:*:*:*:*:*:*OR cpe:/a:vmware:view:*:*:*:*:*:*:*:* (Version <= 5.0)
Configuration 5:
cpe:/o:vmware:esx:4.1:*:*:*:*:*:*:*OR cpe:/o:vmware:esx:5.0:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:vmware:esx:4.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:4.1.1:*:*:*:*:*:*:*OR cpe:/a:vmware:player:4.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:player:4.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:8.0.2:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| Oval Definitions |
|
| BACK |