Improper RPC Command Handling in VMware ESXi and ESX Products
CVE-2012-1517

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
4 May 2012

Summary

The VMX process in VMware ESXi 4.1 and ESX 4.1 contains a vulnerability due to improper handling of RPC commands, which can be exploited by guest OS users. Attackers may leverage this vulnerability to perform a denial of service attack, causing a memory overwrite and crash of the process. Additionally, there is a potential for arbitrary code execution on the host OS, through manipulation of function pointers. This vulnerability highlights the need for vigilant patch management and security practices to mitigate related risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.