CVE-2014-4199

CVE-2014-4199 affects vm-support 0.88 in VMware Tools (distributed with VMware Workstation up to 10.0.3 and related products). The vulnerability arises from a symlink attack on a file in /tmp, allowing a local user to write to arbitrary files. The Open VM Tools/open-vm-tools references in OSV/Red...

CVE-2014-4200

CVE-2014-4200 concerns vm-support 0.88 in VMware Tools (distributed with VMware Workstation up to 10.0.3 and related products). The underlying issue is that the vm-support archive is created with 0644 permissions, allowing local users to extract sensitive files from the archive. The public detail...