CVE-2012-1518
VMware Workstation/Player/Fusion/ESXi/ESX Privilege Escalation via VMware Tools Folder ACL
Title source: llmDescription
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors.
References (7)
Core 7
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48782
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/81163
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026922
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53006
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2012-0007.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026923
Scores
EPSS
0.0091
EPSS Percentile
76.1%
Details
CWE
CWE-264
Status
published
Products (17)
vmware/esx
3.5 (4 CPE variants)
vmware/esx
4.0
vmware/esx
4.1
vmware/esxi
3.5 (2 CPE variants)
vmware/esxi
4.0 (5 CPE variants)
vmware/esxi
4.1 (3 CPE variants)
vmware/esxi
5.0
vmware/fusion
4.0
vmware/fusion
4.0.1
vmware/fusion
4.0.2
... and 7 more
Published
Apr 17, 2012
Tracked Since
Feb 18, 2026