{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-25T00:00:00", "descriptions": [{"lang": "en", "value": "VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "93886", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93886"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html"}, {"name": "1037102", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-5328", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "93886", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93886"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html"}, {"name": "1037102", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037102"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:00:58.025Z"}, "title": "CVE Program Container", "references": [{"name": "93886", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93886"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html"}, {"name": "1037102", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037102"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-5328", "datePublished": "2016-12-29T09:02:00", "dateReserved": "2016-06-07T00:00:00", "dateUpdated": "2024-08-06T01:00:58.025Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CDCE615-BA28-4932-A47B-A14071A2D8BF", "versionEndIncluding": "10.0.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:10.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "89B3580E-41A1-4EB8-A97C-34B965B414D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:10.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F999AF0-4C3D-476D-A632-D367345259BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:10.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A53AE7E3-FB3E-4575-83B3-90D5638A34D0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:tools:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F53BD4E0-1377-4AD1-8D6E-3630368C2357", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8ABEAC91-A25E-4C4A-A8FA-902DEED4778B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "86B25FE3-1626-458D-B1A3-69D8D3862ECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A8496AEB-2001-4F69-AE8A-D929110C5920", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "ABB332F1-5675-409E-9B17-8DCEB6481C5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "AB931B48-FEE8-4987-8DEC-1DEDBB685DC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "0AB253B4-B143-42D7-B93F-300C4DCF7A6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "0F8C1483-2C87-40F9-8AE4-CBB75A3BF0F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "1E3A1F02-756E-4C18-AB60-2B139BDF6158", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "EC158F12-905C-41D6-A4F8-C3351434F473", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2696F33-AEB3-4D68-A537-AA29C8CDF4E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "2C97C8E2-BE58-4EC0-BABA-E23A112B97C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "B68B85BC-D36D-4FF3-B2F6-394D55882ABD", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "A3C582AB-ED9B-4A44-AA94-6902A4F36266", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "32123ECF-4097-4432-A4DC-547EF930A13E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "260C1C0E-EEB9-41FF-8D32-D1227108E65F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA562638-A2D1-4FC1-8B5D-C6765ADA00B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFC86659-B04F-4017-9231-183087231BFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:tools:9.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "322CAF3E-8C85-4B4E-B980-30CAB5DCC77E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors."}, {"lang": "es", "value": "VMware Tools 9.x y 10.x en versiones anteriores a 10.1.0 en OS X, cuando System Integrity Protection (SIP) est\u00e1 habilitado, permite a usuarios locales determinar las direcciones de memoria del kernel y eludir el mecanismo de protecci\u00f3n kASLR a trav\u00e9s de vectores no especificados."}], "id": "CVE-2016-5328", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-29T09:59:00.180", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93886"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1037102"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93886"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}