CVE-2012-1516

CWE-119Buffer Overflow4 documents4 sources
Severity
9.9CRITICAL
EPSS
1.2%
top 21.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedMay 4
Latest updateMay 13

Description

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

Affected Packages2 packages

NVDvmware/esxi3.5, 4.0, 4.1+2
NVDvmware/esx3.5, 4.0, 4.1+2

🔴Vulnerability Details

2
GHSA
GHSA-35cq-g3fr-gm2p: The VMX process in VMware ESXi 32022-05-13
CVEList
CVE-2012-1516: The VMX process in VMware ESXi 32012-05-04

💥Exploits & PoCs

1
Exploit-DB
SAP NetWeaver Dispatcher - Multiple Vulnerabilities2012-05-09
CVE-2012-1516 (CRITICAL CVSS 9.9) | The VMX process in VMware ESXi 3.5 | cvebase.io