PT-2010-5404 · Vmware · Vmware Player+3
Published
2010-12-06
·
Updated
2022-12-14
·
CVE-2010-4296
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 7.0 through 7.1.2 build 301547
VMware Player versions 3.1.x through 3.1.1 build 301547
VMware Server version 2.0.2
VMware Fusion versions 3.1.x through 3.1.1 build 332100
Description
The issue is related to the improper loading of libraries by vmware-mount, which can be exploited by host OS users to gain privileges. This is achieved through vectors involving shared object files.
Recommendations
For VMware Workstation versions 7.0 through 7.1.2 build 301547, update to build 301548 or later.
For VMware Player versions 3.1.x through 3.1.1 build 301547, update to build 301548 or later.
For VMware Server version 2.0.2, update to a version that includes the fix for this issue.
For VMware Fusion versions 3.1.x through 3.1.1 build 332100, update to build 332101 or later.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Fusion
Vmware Player
Vmware Server
Vmware Workstation