CVE-2012-5458

EUVD-2012-5377
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
vmwareplayer
4.0
vmwareplayer
4.0.0.18997
vmwareplayer
4.0.1
vmwareplayer
4.0.2
vmwareplayer
4.0.3
vmwareplayer
4.0.4
vmwareworkstation
8.0
vmwareworkstation
8.0.0.18997
vmwareworkstation
8.0.1
vmwareworkstation
8.0.1.27038
vmwareworkstation
8.0.2
vmwareworkstation
8.0.3
vmwareworkstation
8.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/87118
http://www.securityfocus.com/bid/56469
http://www.vmware.com/security/advisories/VMSA-2012-0015.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79924
http://osvdb.org/87118
http://www.securityfocus.com/bid/56469
http://www.vmware.com/security/advisories/VMSA-2012-0015.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79924