Published: 08/09/2012 Updated: 10/09/2012

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path vulnerability in VMware Tools in VMware Workstation prior to 8.0.4, VMware Player prior to 4.0.4, VMware Fusion prior to 4.1.2, VMware View prior to 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware workstation 8.0.1
vmware workstation 8.0.0.18997
vmware workstation 8.0
vmware workstation 8.0.2
vmware workstation
vmware workstation 8.0.1.27038
vmware player 4.0
vmware player 4.0.2
vmware player 4.0.0.18997
vmware player
vmware player 4.0.1
vmware fusion
vmware fusion 4.1
vmware fusion 4.0.2
vmware fusion 4.0
vmware fusion 4.0.1
vmware view
vmware view 4.6.0
vmware esx 4.1
vmware esx 5.0

source: wwwsecurityfocuscom/bid/55421/info ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application #include <windowsh> int hijack_poc () { WinExec ( "calcexe ...

VMWare Tools is susceptible to binary planting / DLL hijacking ...

NVD-CWE-Other https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html https://nvd.nist.gov https://www.exploit-db.com/exploits/37780/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1666

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect