CVE-2012-3288

CWE-20Improper Input Validation3 documents3 sources
Severity
9.3CRITICAL
EPSS
1.7%
top 17.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Vmware ESXVmware EsxiVmware Fusion+2 more
Timeline
PublishedJun 14
Latest updateMay 17

Description

VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages5 packages

NVDvmware/esxi4 versions+3
NVDvmware/fusion6 versions+5
NVDvmware/player12 versions+11
NVDvmware/workstation13 versions+12
NVDvmware/esx3.5, 4.0, 4.1+2

🔴Vulnerability Details

2
GHSA
GHSA-9j82-jjqx-5j4g: VMware Workstation 72022-05-17
CVEList
CVE-2012-3288: VMware Workstation 72012-06-14
CVE-2012-3288 (CRITICAL CVSS 9.3) | VMware Workstation 7.x before 7.1.6 | cvebase.io