Vulnerability CVE-2012-3289 - CERT Civis.Net

Vulnerability Name:

CVE-2012-3289 (CCN-76289)

Assigned:

2012-06-14

Published:

2012-06-14

Updated:

2012-06-15

Summary:

VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2012-3289

Source: CCN
Type: SA49430
VMware Multiple Products Checkpoint File Parsing Vulnerability

Source: CCN
Type: OSVDB ID: 82980
VMware Multiple Product Remote Virtual Device Traffic Handling Remote DoS

Source: CCN
Type: VMSA-2012-0011
VMware hosted products and ESXi and ESX patches address security issues

Source: CONFIRM
Type: Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2012-0011.html

Source: XF
Type: UNKNOWN
vmware-virtual-machine-dos(76289)

Vulnerable Configuration:

Configuration 1:

cpe:/a:vmware:workstation:8.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:8.0.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:8.0.3:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:vmware:player:4.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:4.0.3:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:vmware:esx:3.5:*:*:*:*:*:*:*

OR cpe:/o:vmware:esx:3.5:update1:*:*:*:*:*:*

OR cpe:/o:vmware:esx:3.5:update2:*:*:*:*:*:*

OR cpe:/o:vmware:esx:3.5:update3:*:*:*:*:*:*

OR cpe:/o:vmware:esx:4.0:*:*:*:*:*:*:*

OR cpe:/o:vmware:esx:4.1:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:3.5:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:3.5:1:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.0:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.0:1:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.0:2:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.0:3:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.0:4:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.1:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.1:1:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:4.1:2:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:5.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:vmware:esx_server:3.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:esxi:3.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:esxi:4.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:esxi:4.1:*:*:*:*:*:*:*

OR cpe:/o:vmware:esxi:5.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:20641	V	VMware hosted products and ESXi and ESX patches address security issues	2014-01-20