CVE-2016-5330
CVE-2016-5330
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/41711não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.htmlhttp://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideloadhttp://www.securityfocus.com/archive/1/539131/100/0/threadedhttp://www.securityfocus.com/bid/92323http://www.securitytracker.com/id/1036544http://www.securitytracker.com/id/1036545http://www.securitytracker.com/id/1036619http://www.vmware.com/security/advisories/VMSA-2016-0010.html