CVE-2013-5972
VMware Security Advisory 2013-0013
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors.
VMware Workstation 9.x antes de 9.0.3 y VMware Player 5.x antes 5.0.3 en Linux no manejan correctamente biblioteca compartida, que permite a los usuarios de host del sistema operativo para obtener privilegios del sistema operativo a través de vectores no especificados.
VMware has updated VMware Workstation and VMware Player to address a vulnerability that could result in an escalation of privilege on Linux-based host machines.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-10-01 CVE Reserved
- 2013-11-14 CVE Published
- 2024-09-17 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2013-0013.html | 2013-11-19 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 9.0 Search vendor "Vmware" for product "Workstation" and version "9.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 9.0.1 Search vendor "Vmware" for product "Workstation" and version "9.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 9.0.2 Search vendor "Vmware" for product "Workstation" and version "9.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 5.0 Search vendor "Vmware" for product "Player" and version "5.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 5.0.1 Search vendor "Vmware" for product "Player" and version "5.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 5.0.2 Search vendor "Vmware" for product "Player" and version "5.0.2" | - |
Affected
| ||||||