PT-2010-5403 · Vmware · Vmware Player+3
Publicado
2010-12-06
·
Atualizado
2022-12-14
·
CVE-2010-4295
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 7.0 through 7.1.2 build 301547
VMware Player versions 3.1.x through 3.1.2 build 301547
VMware Server version 2.0.2
VMware Fusion versions 3.1.x through 3.1.2 build 332100
Description
A race condition exists in the mounting process of vmware-mount, allowing host OS users to gain privileges via vectors involving temporary files.
Recommendations
For VMware Workstation versions 7.0 through 7.1.2 build 301547, update to version 7.1.2 build 301548 or later.
For VMware Player versions 3.1.x through 3.1.2 build 301547, update to version 3.1.2 build 301548 or later.
For VMware Server version 2.0.2, update to a version that includes the fix for this issue.
For VMware Fusion versions 3.1.x through 3.1.2 build 332100, update to version 3.1.2 build 332101 or later.
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Fusion
Vmware Player
Vmware Server
Vmware Workstation