Denial of Service Vulnerability in VMware ESXi and ESX
CVE-2012-1516

9.9CRITICAL

Key Information:

Vendor

Vmware
Status
Esx
Vendor
CVE Published:
4 May 2012

What is CVE-2012-1516?

The VMX process in VMware ESXi and ESX versions 3.5 to 4.1 fails to properly manage RPC commands. This flaw allows guest operating system users to trigger a denial of service by causing memory overwrites and process crashes. Additionally, it may enable the execution of arbitrary code on the host operating system, posing significant security risks.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.vmware.com/security/advisories/VMSA-2012-0009....
x_refsource_CONFIRM
http://www.securitytracker.com/id?1027018
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.