Vulnerabilities > CVE-2012-1666 - Unspecified vulnerability in VMWare products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
Vulnerable Configurations
Exploit-Db
| description | ThinPrint 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution Vulnerability. CVE-2012-1666. Local exploit for windows platform |
| id | EDB-ID:37780 |
| last seen | 2016-02-04 |
| modified | 2012-09-04 |
| published | 2012-09-04 |
| reporter | Moshe Zioni |
| source | https://www.exploit-db.com/download/37780/ |
| title | ThinPrint 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution Vulnerability |
Nessus
| NASL family | VMware ESX Local Security Checks |
| NASL id | VMWARE_VMSA-2012-0012.NASL |
| description | a. ESXi update to third-party component libxml2 The libxml2 third-party library has been updated which addresses multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2012-0841 to these issues. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 59966 |
| published | 2012-07-13 |
| reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/59966 |
| title | VMSA-2012-0012 : VMware ESXi update to third-party library |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/116257/vmwaretools-dllhijack.txt |
| id | PACKETSTORM:116257 |
| last seen | 2016-12-05 |
| published | 2012-09-05 |
| reporter | Moshe Zioni |
| source | https://packetstormsecurity.com/files/116257/VMWare-Tools-Binary-Planting.html |
| title | VMWare Tools Binary Planting |
References
- http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html
- http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html
- https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity
- https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity