PT-2010-5403 · Vmware · Vmware Player+3
Published
2010-12-06
·
Updated
2022-12-14
·
CVE-2010-4295
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 7.0 through 7.1.2 build 301547
VMware Player versions 3.1.x through 3.1.2 build 301547
VMware Server version 2.0.2
VMware Fusion versions 3.1.x through 3.1.2 build 332100
Description
A race condition exists in the mounting process of vmware-mount, allowing host OS users to gain privileges via vectors involving temporary files.
Recommendations
For VMware Workstation versions 7.0 through 7.1.2 build 301547, update to version 7.1.2 build 301548 or later.
For VMware Player versions 3.1.x through 3.1.2 build 301547, update to version 3.1.2 build 301548 or later.
For VMware Server version 2.0.2, update to a version that includes the fix for this issue.
For VMware Fusion versions 3.1.x through 3.1.2 build 332100, update to version 3.1.2 build 332101 or later.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Fusion
Vmware Player
Vmware Server
Vmware Workstation