VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://www.us-cert.gov/cas/techalerts/TA12-164A.html | third party advisory us government resource |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042 | vendor advisory |
| http://www.securityfocus.com/bid/52820 | vdb entry |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17110 | signature vdb entry |
| http://www.vmware.com/security/advisories/VMSA-2012-0006.html | vendor advisory |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15209 | signature vdb entry |
| http://www.securitytracker.com/id?1026875 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74480 | vdb entry |