Vulnerabilities > CVE-2012-2752 - Unspecified vulnerability in VMWare VMA 4.0/4.1/5.0.0.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Per: http://cwe.mitre.org/data/lists/426.html 'Untrusted Search Path'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family | SuSE Local Security Checks |
NASL id | VMWARE_VMA_VMSA_2012_0010.NASL |
description | The version of VMware vMA installed on the remote SuSE Linux Enterprise Server host is 4.x or 5.x earlier than 5.0.0.2. As such, it is potentially affected by a local privilege escalation vulnerability due to the way library files are loaded. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 59372 |
published | 2012-06-05 |
reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/59372 |
title | VMware vMA Unspecified Library Local Privilege Escalation (VMSA-2012-0010) |
code |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 53697 CVE ID: CVE-2012-2752 vSphere Management Assistant (vMA)是允许管理员和开发者运行脚本和代理以管理ESXi主机和vCenter服务器系统的虚拟计算机。 VMWare vMA 4.0、4.1、5.0.0.1 之前版本在实现上存在加载任意文件导致的本地权限提升漏洞,攻击者可利用此漏洞以提升的权限执行任意代码。 0 VMWare vMA 5.0.0.1 VMWare vMA 4.1 VMWare vMA 4.0 厂商补丁: VMWare ------ VMWare已经为此发布了一个安全公告(VMSA-2012-0010)以及相应补丁: VMSA-2012-0010:VMware vMA addresses a security issue 链接:http://www.vmware.com/security/advisories/VMSA-2012-0010.html |
id | SSV:60165 |
last seen | 2017-11-19 |
modified | 2012-05-29 |
published | 2012-05-29 |
reporter | Root |
title | VMware vMA不明细节本地权限提升漏洞 |