CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
26.7%
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
Vendor | Product | Version | CPE |
---|---|---|---|
vmware | workstation | 7.0 | cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:* |
vmware | workstation | 7.0.1 | cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1 | cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1.1 | cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1.2 | cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:* |
linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
vmware | player | 3.1 | cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:* |
vmware | player | 3.1.1 | cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:* |
vmware | player | 3.1.2 | cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:* |
vmware | server | 2.0.2 | cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:* |
lists.vmware.com/pipermail/security-announce/2010/000112.html
osvdb.org/69585
secunia.com/advisories/42453
secunia.com/advisories/42482
www.securityfocus.com/archive/1/514995/100/0/threaded
www.securityfocus.com/bid/45167
www.securitytracker.com/id?1024819
www.securitytracker.com/id?1024820
www.vmware.com/security/advisories/VMSA-2010-0018.html
www.vupen.com/english/advisories/2010/3116