CVE-2010-1141

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 6.5.x through 6.5.3 VMware Player versions 2.5.x through 2.5.3 VMware ACE versions 2.5.x through 2.5.3 VMware Server versions 2.x through 2.0.1 VMware Fusion versions 2.x through 2.0.5 VMware ESXi versions 3.5 and 4.0 VMware ESX versions 2.5.5, 3.0.3, 3.5, and 4.0

Description The issue allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file stored on a network share, due to improper library access.

Recommendations For VMware Workstation versions 6.5.x through 6.5.3, update to version 6.5.4 build 246459 or later. For VMware Player versions 2.5.x through 2.5.3, update to version 2.5.4 build 246459 or later. For VMware ACE versions 2.5.x through 2.5.3, update to version 2.5.4 build 246459 or later. For VMware Server versions 2.x through 2.0.1, update to version 2.0.2 build 203138 or later. For VMware Fusion versions 2.x through 2.0.5, update to version 2.0.6 build 246742 or later. For VMware ESXi versions 3.5 and 4.0, and VMware ESX versions 2.5.5, 3.0.3, 3.5, and 4.0, update to a version that properly accesses libraries.