CVE-2012-5459

Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.9 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
vmwareplayer
4.0
vmwareplayer
4.0.0.18997
vmwareplayer
4.0.1
vmwareplayer
4.0.2
vmwareplayer
4.0.3
vmwareplayer
4.0.4
vmwareworkstation
8.0
vmwareworkstation
8.0.0.18997
vmwareworkstation
8.0.1
vmwareworkstation
8.0.1.27038
vmwareworkstation
8.0.2
vmwareworkstation
8.0.3
vmwareworkstation
8.0.4
𝑥
= Vulnerable software versions
References
http://osvdb.org/87119
http://www.securityfocus.com/bid/56470
http://www.vmware.com/security/advisories/VMSA-2012-0015.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79923
http://osvdb.org/87119
http://www.securityfocus.com/bid/56470
http://www.vmware.com/security/advisories/VMSA-2012-0015.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79923