VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
2012-04-02T10:46:44.373
2025-04-11T00:51:21.963
Deferred
CVSSv2: 8.3 (HIGH)
AV:A/AC:L/Au:N/C:C/I:C/A:C
6.5
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | vmware | esxi | 3.5 | Yes |
| Operating System | vmware | esxi | 4.0 | Yes |
| Operating System | vmware | esxi | 4.1 | Yes |
| Operating System | vmware | esx | 3.5 | Yes |
| Operating System | vmware | esx | 4.0 | Yes |
| Operating System | vmware | esx | 4.1 | Yes |