CVE-2012-2449
Description
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.408
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0.2 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.1.1 | Mac |
| Vulnerabilities CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.1.2 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.0.2 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288 are affected in VMware Fusion for MAC 4.1.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288,CVE-2013-1406 are affected in VMware Fusion for MAC 4.1 | Mac |
| Vulnerabilities CVE-2012-1518,CVE-2012-2449,CVE-2012-3288,CVE-2013-1406 are affected in VMware Fusion for MAC 4.1.1 | Mac |
| Vulnerabilities CVE-2012-2449,CVE-2012-3288,CVE-2013-1406 are affected in VMware Fusion for MAC 4.1.2 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234