CVE-2016-5330

Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
vmwareworkstation_player
12.1.0 ≤
𝑥
< 12.1.1
vmwareworkstation_pro
12.1.0 ≤
𝑥
< 12.1.1
vmwareesxi
5.0 ≤
𝑥
≤ 6.0
vmwarefusion
8.1 ≤
𝑥
< 8.1.1
vmwaretools
9.0.0 ≤
𝑥
≤ 10.3.22
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload
http://www.securityfocus.com/archive/1/539131/100/0/threaded
http://www.securityfocus.com/bid/92323
http://www.securitytracker.com/id/1036544
http://www.securitytracker.com/id/1036545
http://www.securitytracker.com/id/1036619
http://www.vmware.com/security/advisories/VMSA-2016-0010.html
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html
http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload
http://www.securityfocus.com/archive/1/539131/100/0/threaded
http://www.securityfocus.com/bid/92323
http://www.securitytracker.com/id/1036544
http://www.securitytracker.com/id/1036545
http://www.securitytracker.com/id/1036619
http://www.vmware.com/security/advisories/VMSA-2016-0010.html
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html