CVE-2010-4295
6.5 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.6%
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
References
lists.vmware.com/pipermail/security-announce/2010/000112.html
osvdb.org/69585
secunia.com/advisories/42453
secunia.com/advisories/42482
www.securityfocus.com/archive/1/514995/100/0/threaded
www.securityfocus.com/bid/45167
www.securitytracker.com/id?1024819
www.securitytracker.com/id?1024820
www.vmware.com/security/advisories/VMSA-2010-0018.html
www.vupen.com/english/advisories/2010/3116
Related
6.5 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.6%