CVE-2012-1515 | Vulnerability Database | Aqua Security

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.

Affected Software

Name	Vendor	Start Version	End Version
Esxi	Vmware	3.5 (including)	3.5 (including)
Esxi	Vmware	4.0 (including)	4.0 (including)
Esxi	Vmware	4.1 (including)	4.1 (including)

References

http://www.securityfocus.com/bid/52820
http://www.securitytracker.com/id?1026875
http://www.us-cert.gov/cas/techalerts/TA12-164A.html
http://www.vmware.com/security/advisories/VMSA-2012-0006.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042
https://exchange.xforce.ibmcloud.com/vulnerabilities/74480
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15209
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17110

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1515
CWE	https://cwe.mitre.org/data/definitions/264.html