Microsoft Windows and VMware ESXi/ESX CVE-2012-1515 Local Privilege Escalation Vulnerability

Bugtraq ID:	52820
Class:	Design Error
CVE:	CVE-2012-1515
Remote:	No
Local:	Yes
Published:	Mar 30 2012 12:00AM
Updated:	Mar 19 2015 09:10AM
Credit:	Derek Soeder of Ridgeway Internet Security, L.L.C
Vulnerable:	VMWare ESXi 4.1 VMWare ESXi 4.0 VMWare ESXi 3.5 VMWare ESX 4.1 VMWare ESX 4.0 VMWare ESX 3.5 Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Service Pack 3 0 Microsoft Windows XP Professional SP3 Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition 2005 SP3 Microsoft Windows XP Media Center Edition SP3 Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP3 Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows XP 0 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1
Not Vulnerable:

Microsoft Windows and VMware ESXi/ESX CVE-2012-1515 Local Privilege Escalation Vulnerability

Microsoft Windows and VMware ESXi and ESX are prone to a local privilege-escalation vulnerability related to BIOS ROM memory.

Local attackers can exploit this issue in VMware ESXi and ESX to execute arbitrary code with elevated privileges on a host running the affected applications.

Local attackers can exploit this issue in Microsoft Windows to execute arbitrary code with kernel-level privileges.

Microsoft Windows and VMware ESXi/ESX CVE-2012-1515 Local Privilege Escalation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]

Microsoft Windows and VMware ESXi/ESX CVE-2012-1515 Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references for more information.


Microsoft Windows XP Media Center Edition SP3

• Microsoft Security Update for Windows XP (KB2707511)
  http://www.microsoft.com/downloads/details.aspx?familyid=0efff733-4c8d -4fce-8de3-28465c6b762b

Microsoft Windows XP Home SP3

• Microsoft Security Update for Windows XP (KB2707511)
  http://www.microsoft.com/downloads/details.aspx?familyid=0efff733-4c8d -4fce-8de3-28465c6b762b

Microsoft Windows Server 2003 SP2

• Microsoft Security Update for Windows Server 2003 (KB2707511)
  http://www.microsoft.com/downloads/details.aspx?familyid=855611a1-91ad -4d22-8c1c-fdcd6af4cef0

Microsoft Windows XP Tablet PC Edition SP3

• Microsoft Security Update for Windows XP (KB2707511)
  http://www.microsoft.com/downloads/details.aspx?familyid=0efff733-4c8d -4fce-8de3-28465c6b762b

Microsoft Windows and VMware ESXi/ESX CVE-2012-1515 Local Privilege Escalation Vulnerability

References:

• VMSA-2012-0006 VMware ESXi and ESX address several security issues (Full Disclosure mailing list archives)
  
• VMware Homepage (VMware)
  
• VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation ([email protected] )
  
• Microsoft Security Bulletin MS12-042 (Microsoft)