| Vulnerability Name: | CVE-2012-5458 (CCN-79924) | ||||||||
| Assigned: | 2012-11-08 | ||||||||
| Published: | 2012-11-08 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 8.3 High (CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C) 6.2 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2012-5458 Source: OSVDB Type: UNKNOWN 87118 Source: CCN Type: SA51237 VMware Workstation / Player Multiple Vulnerabilities Source: CCN Type: OSVDB ID: 87118 VMware Multiple Product Process Thread Insecure Permission Local Privilege Escalation Source: BID Type: UNKNOWN 56469 Source: CCN Type: BID-56469 VMware Player and Workstation CVE-2012-5458 Local Privilege Escalation Vulnerability Source: CCN Type: VMSA-2012-0015 VMware Hosted Products and OVF Tool address security issues Source: CONFIRM Type: Vendor Advisory http://www.vmware.com/security/advisories/VMSA-2012-0015.html Source: XF Type: UNKNOWN workstation-player-priv-esc(79924) Source: XF Type: UNKNOWN workstation-player-priv-esc(79924) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||