CVE-2012-1508

2012-03-1620:55:00

CWE-264

[email protected]

web.nvd.nist.gov

vmware

esxi

esx

xpdm

display driver

vulnerability

cve-2012-1508

nvd

guest os

null pointer dereference

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.9%

JSON

The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.

Affected configurations

NVD

Node

vmwareesxMatch4.0

vmwareesxMatch4.1

vmwareviewRange≤4.6.0

vmwareesxiMatch4.0

vmwareesxiMatch4.1

vmwareesxiMatch5.0

CPENameOperatorVersion
vmware:esxvmware esxeq4.0
vmware:esxvmware esxeq4.1
vmware:viewvmware viewle4.6.0
vmware:esxivmware esxieq4.0
vmware:esxivmware esxieq4.1
vmware:esxivmware esxieq5.0

CPE	Name	Operator	Version
vmware:esx	vmware esx	eq	4.0
vmware:esx	vmware esx	eq	4.1
vmware:view	vmware view	le	4.6.0
vmware:esxi	vmware esxi	eq	4.0
vmware:esxi	vmware esxi	eq	4.1
vmware:esxi	vmware esxi	eq	5.0