VMware Workstation 8.x < 8.0.5 Multiple Vulnerabilities (VMSA-2012-0015)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

The remote host has a virtualization application that is affected by
multiple vulnerabilities.

Description :

The VMware Workstation 8.x install detected on the remote host is
earlier than 8.0.5 and is, therefore, potentially affected by the
following vulnerabilities :

- Certain processes, when created, have weak security
permissions assigned. It is possible to commandeer
these process threads, which could result in elevation
of privileges in the context of the host. (CVE-2012-5458)

- A DLL binary planning vulnerability exists that could be
exploited by an attacker to execute arbitrary code on
the remote host. (CVE-2012-5459)

See also :


Solution :

Upgrade to VMware Workstation 8.0.5 or later.

Risk factor :

High / CVSS Base Score : 8.3
CVSS Temporal Score : 6.1
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 63077 ()

Bugtraq ID: 56469

CVE ID: CVE-2012-5458

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now