PT-2010-4703 · Vmware · Vmware Player+1

Publicado

2010-09-28

Atualizado

2010-09-29

CVE-2010-3277

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 7.0 through 7.1.2 build 301547 VMware Player versions 3.0 through 3.1.2 build 301547

Description The issue allows local users to potentially trigger unintended interpretation of web script or HTML by creating an index.htm file in the installation directory.

Recommendations For VMware Workstation versions 7.0 through 7.1.2 build 301547, update to version 7.1.2 build 301548 or later. For VMware Player versions 3.0 through 3.1.2 build 301547, update to version 3.1.2 build 301548 or later. As a temporary workaround, consider restricting access to the installation directory to prevent creation of the index.htm file until a patch is applied.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2010-3277

Produtos afetados

Vmware Player

Vmware Workstation

PT-2010-4703 · Vmware · Vmware Player+1

CVE-2010-3277

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7