CVE-2012-2448Improper Restriction of Operations within the Bounds of a Memory Buffer in Vmware ESX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.1%
top 15.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedMay 4
Latest updateMay 17

Description

VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDvmware/esxi4 versions+3
NVDvmware/esx3.5, 4.0, 4.1+2

🔴Vulnerability Details

2
GHSA
GHSA-c8hc-72c4-3qcv: VMware ESXi 32022-05-17
CVEList
CVE-2012-2448: VMware ESXi 32012-05-04
CVE-2012-2448 — Vmware ESX vulnerability | cvebase