PT-2011-1001 · Vmware · Vmware Workstation+1

Published

2011-04-01

Updated

2018-10-09

CVE-2011-1126

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions VMware VIX API versions prior to 1.10.3 VMware Workstation versions 6.5.x through 7.1.4 build 385536

Description The issue allows local users to potentially gain privileges via a Trojan horse shared library in an unspecified directory. This could enable an attacker to control the execution of the vmrun utility, which is used to perform various actions on virtual machines.

Recommendations For VMware VIX API versions prior to 1.10.3, update to version 1.10.3 or later. For VMware Workstation versions 6.5.x through 7.1.4 build 385536, update to a version after 7.1.4 build 385536.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2014-00005

CVE-2011-1126

Affected Products

Vmware Vix Api

Vmware Workstation

PT-2011-1001 · Vmware · Vmware Workstation+1

CVE-2011-1126

Weakness Enumeration

Related Identifiers

Affected Products

References · 13