CVE-2012-1518
Summary
| CVE | CVE-2012-1518 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-04-17 21:55:00 UTC |
| Updated | 2017-12-29 02:29:00 UTC |
| Description | VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Vmware | Esx | 3.5 | All | All | All |
| Operating System | Vmware | Esx | 3.5 | update1 | All | All |
| Operating System | Vmware | Esx | 3.5 | update2 | All | All |
| Operating System | Vmware | Esx | 3.5 | update3 | All | All |
| Operating System | Vmware | Esx | 4.0 | All | All | All |
| Operating System | Vmware | Esx | 4.1 | All | All | All |
| Operating System | Vmware | Esx | 3.5 | All | All | All |
| Operating System | Vmware | Esx | 3.5 | update1 | All | All |
| Operating System | Vmware | Esx | 3.5 | update2 | All | All |
| Operating System | Vmware | Esx | 3.5 | update3 | All | All |
| Operating System | Vmware | Esx | 4.0 | All | All | All |
| Operating System | Vmware | Esx | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 3.5 | All | All | All |
| Operating System | Vmware | Esxi | 3.5 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 3 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 4 | All | All |
| Operating System | Vmware | Esxi | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.1 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.1 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.0 | All | All | All |
| Operating System | Vmware | Esxi | 3.5 | All | All | All |
| Operating System | Vmware | Esxi | 3.5 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | All | All | All |
| Operating System | Vmware | Esxi | 4.0 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 2 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 3 | All | All |
| Operating System | Vmware | Esxi | 4.0 | 4 | All | All |
| Operating System | Vmware | Esxi | 4.1 | All | All | All |
| Operating System | Vmware | Esxi | 4.1 | 1 | All | All |
| Operating System | Vmware | Esxi | 4.1 | 2 | All | All |
| Operating System | Vmware | Esxi | 5.0 | All | All | All |
| Application | Vmware | Fusion | 4.0 | All | All | All |
| Application | Vmware | Fusion | 4.0.1 | All | All | All |
| Application | Vmware | Fusion | 4.0.2 | All | All | All |
| Application | Vmware | Fusion | 4.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.1 | All | All | All |
| Application | Vmware | Fusion | 4.0 | All | All | All |
| Application | Vmware | Fusion | 4.0.1 | All | All | All |
| Application | Vmware | Fusion | 4.0.2 | All | All | All |
| Application | Vmware | Fusion | 4.1 | All | All | All |
| Application | Vmware | Fusion | 4.1.1 | All | All | All |
| Application | Vmware | Player | 4.0 | All | All | All |
| Application | Vmware | Player | 4.0.1 | All | All | All |
| Application | Vmware | Player | 4.0.2 | All | All | All |
| Application | Vmware | Player | 4.0 | All | All | All |
| Application | Vmware | Player | 4.0.1 | All | All | All |
| Application | Vmware | Player | 4.0.2 | All | All | All |
| Application | Vmware | Workstation | 8.0 | All | All | All |
| Application | Vmware | Workstation | 8.0.1 | All | All | All |
| Application | Vmware | Workstation | 8.0 | All | All | All |
| Application | Vmware | Workstation | 8.0.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory SA48782 - VMware Multiple Products Privilege Escalation Security Issue - Secunia | SECUNIA | secunia.com | |
| VMware Workstation/Player/Fusion VMware Tools Access Control Error Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | |
| 81163 | OSVDB | osvdb.org | |
| VMware Multiple Products Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| VMSA-2012-0007.1 | CONFIRM | www.vmware.com | Vendor Advisory |
| VMware ESX/ESXi VMware Tools Access Control Error Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.