CVE-2012-3289
high
CVSS v3
—
CVSS v2
7.8
VIR risk
7.8
Description
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.vmware.com/security/advisories/VMSA-2012-0011.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
References
CWEs
CWE-94
Verify integrity in audit chain (admin only). AS-IS.