CVE-2011-1787

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 7.1.x through 7.1.3 VMware Player versions 3.1.x through 3.1.3 VMware Fusion versions 3.1.x through 3.1.2 VMware ESXi versions 3.5 through 4.1 VMware ESX versions 3.0.3 through 4.1

Description A race condition exists in the mount.vmhgfs component of the VMware Host Guest File System (HGFS), allowing guest OS users to gain privileges on the guest OS. This is achieved by mounting a filesystem on top of an arbitrary directory.

Recommendations For VMware Workstation versions 7.1.x through 7.1.3, update to version 7.1.4 or later. For VMware Player versions 3.1.x through 3.1.3, update to version 3.1.4 or later. For VMware Fusion versions 3.1.x through 3.1.2, update to version 3.1.3 or later. For VMware ESXi versions 3.5 through 4.1, apply the relevant patch or update. For VMware ESX versions 3.0.3 through 4.1, apply the relevant patch or update.