Vulnerability Details CVE-2012-1517
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v2 Score 9.0
References
- http://osvdb.org/81692
- http://www.securityfocus.com/bid/53369
- http://www.securitytracker.com/id?1027018
- http://www.vmware.com/security/advisories/VMSA-2012-0009.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75374
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17231
- http://osvdb.org/81692
- http://www.securityfocus.com/bid/53369
- http://www.securitytracker.com/id?1027018
- http://www.vmware.com/security/advisories/VMSA-2012-0009.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75374
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17231