CVE-2012-1666

Name of the Vulnerable Software and Affected Versions VMware Workstation versions prior to 8.0.4 VMware Player versions prior to 4.0.4 VMware Fusion versions prior to 4.1.2 VMware View versions prior to 5.1 VMware ESX 4.1 versions prior to U3 VMware ESX 5.0 versions prior to P03

Description The issue allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory, due to an untrusted search path vulnerability in VMware Tools.

Recommendations For VMware Workstation versions prior to 8.0.4, update to version 8.0.4 or later. For VMware Player versions prior to 4.0.4, update to version 4.0.4 or later. For VMware Fusion versions prior to 4.1.2, update to version 4.1.2 or later. For VMware View versions prior to 5.1, update to version 5.1 or later. For VMware ESX 4.1 versions prior to U3, update to U3 or later. For VMware ESX 5.0 versions prior to P03, update to P03 or later.