Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-5330

Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Published

2016-08-08T01:59:16.463

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.4

Impact Score

6.4

Weaknesses

Type: Primary
CWE-426

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vmware	workstation_player	< 12.1.1	Yes
Application	vmware	workstation_pro	< 12.1.1	Yes
Operating System	vmware	esxi	≤ 6.0	Yes
Application	vmware	fusion	< 8.1.1	Yes
Operating System	apple	mac_os_x	-	No
Application	vmware	tools	≤ 10.3.22	Yes
Operating System	microsoft	windows	-	No

References

http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload Third Party Advisory ([email protected])
http://www.securityfocus.com/archive/1/539131/100/0/threaded Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/92323 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036544 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036545 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036619 Third Party Advisory, VDB Entry ([email protected])
http://www.vmware.com/security/advisories/VMSA-2016-0010.html Mitigation, Vendor Advisory ([email protected])
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html Exploit, Third Party Advisory ([email protected])
http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/539131/100/0/threaded Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92323 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036544 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036545 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036619 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2016-0010.html Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)