CVE-2011-1787

2011-06-0619:55:00

CWE-362

[email protected]

web.nvd.nist.gov

cve-2011-1787

vmware

hgfs

host guest file system

race condition

privilege escalation

vulnerability

nvd

6.5 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON

Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.

CPENameOperatorVersion
vmware:workstationvmware workstationeq7.1.3
vmware:workstationvmware workstationeq7.1.1
vmware:workstationvmware workstationeq7.1.2
vmware:playervmware playereq3.1.2
vmware:playervmware playereq3.1
vmware:playervmware playereq3.1.3
vmware:playervmware playereq3.1.1
vmware:fusionvmware fusioneq3.1.2
vmware:fusionvmware fusioneq3.1
vmware:fusionvmware fusioneq3.1.1

CPE	Name	Operator	Version
vmware:workstation	vmware workstation	eq	7.1.3
vmware:workstation	vmware workstation	eq	7.1.1
vmware:workstation	vmware workstation	eq	7.1.2
vmware:player	vmware player	eq	3.1.2
vmware:player	vmware player	eq	3.1
vmware:player	vmware player	eq	3.1.3
vmware:player	vmware player	eq	3.1.1
vmware:fusion	vmware fusion	eq	3.1.2
vmware:fusion	vmware fusion	eq	3.1
vmware:fusion	vmware fusion	eq	3.1.1