Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2012-1516

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.

Published: May 4, 2012
Updated: Nov 9, 2025
CVE: CVE-2012-1516
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.9
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
vmware / esx	3.5-update2	3.5-update2.x
vmware / esx	4.1	4.1.x
vmware / esx	3.5-update1	3.5-update1.x
vmware / esx	3.5	3.5.x
vmware / esx	3.5-update3	3.5-update3.x
vmware / esx	4.0	4.0.x
vmware / esxi	4.1	4.1.x
vmware / esxi	4.0-1	4.0-1.x
vmware / esxi	3.5	3.5.x
vmware / esxi	4.0	4.0.x
vmware / esxi	4.0-3	4.0-3.x
vmware / esxi	3.5-1	3.5-1.x
vmware / esxi	4.0-4	4.0-4.x
vmware / esxi	4.0-2	4.0-2.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo