Vulnerability Details : CVE-2012-1510
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.
Vulnerability category: Overflow
Threat overview for CVE-2012-1510
Top countries where our scanners detected CVE-2012-1510
Top open port discovered on systems with this issue
443
IPs affected by CVE-2012-1510 216
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2012-1510!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2012-1510
Probability of exploitation activity in the next 30 days: 0.07%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 29 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-1510
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2012-1510
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1510
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/74097
VMware View WDDM privilege escalation CVE-2012-1510 Vulnerability Report
-
http://www.securitytracker.com/id?1026814
VMware View Lets Local Users Gain Elevated Privileges and Lets Remote Users Conduct Cross-Site Scripting Attacks - SecurityTracker
-
http://www.vmware.com/security/advisories/VMSA-2012-0005.html
VMSA-2012-0005.4Vendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html
-
http://www.securityfocus.com/bid/52524
VMware View Privilege Escalation Vulnerabilities
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17258
Repository / Oval Repository
-
http://www.vmware.com/security/advisories/VMSA-2012-0004.html
VMSA-2012-0004Vendor Advisory
-
http://www.securitytracker.com/id?1026818
VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets Local Users Gain Elevated Privileges - SecurityTracker
Products affected by CVE-2012-1510
- cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*