Untrusted Search Path Vulnerability in VMware Movie Decoder by VMware
CVE-2012-4897

Currently unrated

Key Information:

Vendor: Vmware
Status: Movie Decoder
Vendor: CVE Published:; 5 October 2012

What is CVE-2012-4897?

The untrusted search path vulnerability in the installer of VMware Movie Decoder prior to version 9.0 enables local users to exploit the system. By placing a specially crafted Trojan horse executable file in the installer directory, an attacker can gain elevated privileges, potentially compromising the integrity of the system. Users should ensure they are using updated versions of the software to mitigate this security risk.

References

http://www.vmware.com/security/advisories/VMSA-2012-0014....

x_refsource_CONFIRM

http://www.securityfocus.com/bid/55802

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/79046

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2012
Vulnerability Reserved
Sep 12, 2012

Vmware

What is CVE-2012-4897?

References

Timeline