Denial of Service Vulnerability in VMware ESXi and ESX
CVE-2012-1516

9.9CRITICAL

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
4 May 2012

Summary

The VMX process in VMware ESXi and ESX versions 3.5 to 4.1 fails to properly manage RPC commands. This flaw allows guest operating system users to trigger a denial of service by causing memory overwrites and process crashes. Additionally, it may enable the execution of arbitrary code on the host operating system, posing significant security risks.

References

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.