CVE-2012-1666

VMware Tools <8.0.4-4.0.4-4.1.2-5.1 - Privilege Escalation

Title source: llm

Description

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Moshe Zioni · clocalwindows

https://www.exploit-db.com/exploits/37780

View Code ZIP pw:eip

References (2)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html

[Vendor Advisory] https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity

Scores

EPSS 0.0020

EPSS Percentile 41.4%

Details

Status published

Products (20)

vmware/esx 4.1

vmware/esx 5.0

vmware/fusion 4.0

vmware/fusion 4.0.1

vmware/fusion 4.0.2

vmware/fusion 4.1

vmware/fusion < 4.1.1

vmware/player 4.0

vmware/player 4.0.0.18997

vmware/player 4.0.1

... and 10 more

Published Sep 08, 2012

Tracked Since Feb 18, 2026