Lucene search

PRIOn knowledge basePRION:CVE-2010-4295

HistoryDec 06, 2010 - 9:05 p.m.

Race condition

2010-12-0621:05:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

JSON

Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.

CPENameOperatorVersion
fusioneq3.1
fusioneq3.1.1
fusioneq3.1.2
playereq3.1
playereq3.1.1
playereq3.1.2
servereq2.0.2
workstationeq7.0
workstationeq7.0.1
workstationeq7.1

Name	Operator	Version
fusion	eq	3.1
fusion	eq	3.1.1
fusion	eq	3.1.2
player	eq	3.1
player	eq	3.1.1
player	eq	3.1.2
server	eq	2.0.2
workstation	eq	7.0
workstation	eq	7.0.1
workstation	eq	7.1

Rows per page:

1-10 of 121

References

lists.vmware.com/pipermail/security-announce/2010/000112.html

osvdb.org/69585

secunia.com/advisories/42453

secunia.com/advisories/42482

www.securityfocus.com/archive/1/514995/100/0/threaded

www.securityfocus.com/bid/45167

www.securitytracker.com/id?1024819

www.securitytracker.com/id?1024820

www.vmware.com/security/advisories/VMSA-2010-0018.html

www.vupen.com/english/advisories/2010/3116

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

JSON

Related for PRION:CVE-2010-4295