CVE-2012-3288
VMware Workstation 7.x-8.x, Player 3.x-4.x, Fusion 4.x, ESXi 3.5-5.0, ESX 3.5-4.1 - Remote Code Execution
Title source: llmDescription
VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2012-0011.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178
Scores
EPSS
0.0165
EPSS Percentile
82.3%
Details
CWE
CWE-20
Status
published
Products (38)
vmware/esx
3.5 (4 CPE variants)
vmware/esx
4.0
vmware/esx
4.1
vmware/esxi
3.5 (2 CPE variants)
vmware/esxi
4.0 (5 CPE variants)
vmware/esxi
4.1 (3 CPE variants)
vmware/esxi
5.0
vmware/fusion
4.0
vmware/fusion
4.0.1
vmware/fusion
4.0.2
... and 28 more
Published
Jun 14, 2012
Tracked Since
Feb 18, 2026