CVE-2013-3519

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.9 UNKNOWN
ADJACENT_NETWORK
MEDIUM
AV:A/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
vmwareesxi
4.0
vmwareesxi
4.1
vmwareesxi
5.0
vmwareesxi
5.1
vmwareworkstation
9.0
vmwareworkstation
9.0.1
vmwareworkstation
9.0.2
vmwareesx
4.0
vmwareesx
4.1
vmwareplayer
5.0
vmwareplayer
5.0.1
vmwareplayer
5.0.2
vmwarefusion
5.0
vmwarefusion
5.0.1
vmwarefusion
5.0.2
vmwarefusion
5.0.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.vmware.com/security/advisories/VMSA-2013-0014.html
http://www.vmware.com/security/advisories/VMSA-2013-0014.html