CVE-2012-5458

high

Description

VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/79924

http://www.vmware.com/security/advisories/VMSA-2012-0015.html

http://www.securityfocus.com/bid/56469

http://osvdb.org/87118

Details

Source: Mitre, NVD

Published: 2012-11-14

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H