CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
26.7%
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
Vendor | Product | Version | CPE |
---|---|---|---|
vmware | workstation | 7.0 | cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:* |
vmware | workstation | 7.0.1 | cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1 | cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1.1 | cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:* |
vmware | workstation | 7.1.2 | cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:* |
linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
vmware | player | 3.1 | cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:* |
vmware | player | 3.1.1 | cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:* |
vmware | player | 3.1.2 | cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:* |
vmware | server | 2.0.2 | cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:* |
lists.vmware.com/pipermail/security-announce/2010/000112.html
osvdb.org/69584
secunia.com/advisories/42453
secunia.com/advisories/42482
www.securityfocus.com/archive/1/514995/100/0/threaded
www.securityfocus.com/bid/45168
www.securitytracker.com/id?1024819
www.securitytracker.com/id?1024820
www.vmware.com/security/advisories/VMSA-2010-0018.html
www.vupen.com/english/advisories/2010/3116