VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets Local Users Gain Elevated Privileges
ESX 4.0, 4.1; ESXi 4.0, 4.1, 5.0
A vulnerability was reported in VMware ESX. A local user can obtain elevated privileges on the target system.
A local user on a guest operating system can trigger a buffer overflow or null pointer dereference in the display drivers to execute arbitrary code on the target system with elevated privileges. A null pointer dereference in XPDM may occur [CVE-2012-1508]. A buffer overflow in WDDM may occur [CVE-2012-1510].
A local user on the guest operating system can obtain elevated privileges on the target system.