What is CVE-2016-5328?

CVE-2016-5328 is a medium-severity vulnerability in Apple Mac_os_x, classified under Information Disclosure. CVSS score: 5.5/10. Published 2016-12-29.

How severe is CVE-2016-5328?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Information disclosure in Apple Mac_os_x

CVE-2016-5328

VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors.

Vulnerability class: Information Disclosure

EPSS: 0.000 (15.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Apple Mac_os_x
Vmware Tools — versions 10.0.0, 10.0.5, 10.0.6
N/a — versions n/a

Weakness classification (CWE)

References

93886 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
1037102 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-5328?: CVE-2016-5328 is a medium-severity vulnerability in Apple Mac_os_x, classified under Information Disclosure. CVSS score: 5.5/10. Published 2016-12-29.
How severe is CVE-2016-5328?: Medium severity. CVSS v3 base score is 5.5 out of 10.