Home

CVE-2016-5330

Description

Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
25.479

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-5330 are affected in vmware tools (x64) 10.3.22Windows
Vulnerabilities CVE-2016-5330 are affected in VMware Tools 10.3.22Windows
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.1.1Mac
Vulnerabilities CVE-2016-5330,CVE-2018-6957 are affected in VMware Fusion for MAC 8.1Mac
Vulnerabilities CVE-2016-5330,CVE-2017-4945,CVE-2018-6957 are affected in VMware Fusion for MAC 8.1Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-352023VMware tools 13 (x64) (13.0.5)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234