PT-2010-4703 · Vmware · Vmware Player+1

Published

2010-09-28

Updated

2010-09-29

CVE-2010-3277

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 7.0 through 7.1.2 build 301547 VMware Player versions 3.0 through 3.1.2 build 301547

Description The issue allows local users to potentially trigger unintended interpretation of web script or HTML by creating an index.htm file in the installation directory.

Recommendations For VMware Workstation versions 7.0 through 7.1.2 build 301547, update to version 7.1.2 build 301548 or later. For VMware Player versions 3.0 through 3.1.2 build 301547, update to version 3.1.2 build 301548 or later. As a temporary workaround, consider restricting access to the installation directory to prevent creation of the index.htm file until a patch is applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-3277

Affected Products

Vmware Player

Vmware Workstation

PT-2010-4703 · Vmware · Vmware Player+1

CVE-2010-3277

Weakness Enumeration

Related Identifiers

Affected Products

References · 7