CVE-2011-2145

2011-06-0619:55:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2011-2145

vmware

hgfs

guest os

arbitrary files

security vulnerability

nvd

6.3 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON

mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a “procedural error.”

CPENameOperatorVersion
vmware:esxvmware esxeq3.0.3
vmware:esxvmware esxeq3.5
vmware:esxvmware esxeq4.0
vmware:esxvmware esxeq4.1
vmware:esxivmware esxieq3.5
vmware:esxivmware esxieq4.0
vmware:esxivmware esxieq4.1
vmware:fusionvmware fusioneq3.1
vmware:fusionvmware fusioneq3.1.1
vmware:fusionvmware fusioneq3.1.2

CPE	Name	Operator	Version
vmware:esx	vmware esx	eq	3.0.3
vmware:esx	vmware esx	eq	3.5
vmware:esx	vmware esx	eq	4.0
vmware:esx	vmware esx	eq	4.1
vmware:esxi	vmware esxi	eq	3.5
vmware:esxi	vmware esxi	eq	4.0
vmware:esxi	vmware esxi	eq	4.1
vmware:fusion	vmware fusion	eq	3.1
vmware:fusion	vmware fusion	eq	3.1.1
vmware:fusion	vmware fusion	eq	3.1.2