CVE-2012-2752
high
CVSS v3
—
CVSS v2
7.2
VIR risk
7.2
Description
Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.vmware.com/security/advisories/VMSA-2012-0010.html
References
- http://osvdb.org/82276
- http://secunia.com/advisories/49300
- http://secunia.com/advisories/49322
- http://www.securityfocus.com/bid/53697
- http://www.securitytracker.com/id?1027099
- http://www.vmware.com/security/advisories/VMSA-2012-0010.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75891
- http://osvdb.org/82276
- http://secunia.com/advisories/49300
- http://secunia.com/advisories/49322
- http://www.securityfocus.com/bid/53697
- http://www.securitytracker.com/id?1027099
- http://www.vmware.com/security/advisories/VMSA-2012-0010.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75891
Verify integrity in audit chain (admin only). AS-IS.