CVE-2012-1515
Published Apr 2, 2012
Last updated 6 years ago
Overview
- Description
- VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 8.3
- Impact score
- 10
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D"
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2"
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE"
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C"
}
],
"operator": "OR"
}
]
}
]