The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven. In the event that arbitrary code execution in the VMX process is possible, kernel privileges can be obtained on a Windows host by abusing the VMX process's special access to a VMware driver, meaning the maximum possible impact of this vulnerability is elevation from unprivileged guest code execution to host kernel code execution.
faaa583588ea28e78dd0709b7d226804732abda76965a7dc1e8370600d08440fVMware Security Advisory 2012-0009 - VMware Workstation, Player, ESXi and ESX patches address critical security issues.
eb075b48375e4e244ac290d95f092560fec992c243117c80698f4db787b4f60a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed