CVE-2012-1517

CWE-119Buffer Overflow4 documents4 sources
Severity
9.0CRITICAL
EPSS
1.3%
top 20.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedMay 4
Latest updateMay 17

Description

The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

NVDvmware/esxi4.1
NVDvmware/esx4.1

🔴Vulnerability Details

2
GHSA
GHSA-vx8r-2h9j-5r4f: The VMX process in VMware ESXi 42022-05-17
CVEList
CVE-2012-1517: The VMX process in VMware ESXi 42012-05-04

💥Exploits & PoCs

1
Exploit-DB
SAP NetWeaver Dispatcher - Multiple Vulnerabilities2012-05-09
CVE-2012-1517 (CRITICAL CVSS 9) | The VMX process in VMware ESXi 4.1 | cvebase.io