PT-2014-5732 · Vmware · Vmware Tools+1

Published

2014-08-28

Updated

2017-08-29

CVE-2014-4200

CVSS v2.0

4.7

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware Tools versions prior to the version that fixes the issue in VMware Workstation through 10.0.3

Description The issue allows local users to obtain sensitive information by extracting files from the vm-support archive due to the use of 0644 permissions.

Recommendations For versions prior to the fixed version, consider changing the permissions of the vm-support archive to prevent unauthorized access until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-4200

Affected Products

Vmware Tools

Vmware Workstation

PT-2014-5732 · Vmware · Vmware Tools+1

CVE-2014-4200

Weakness Enumeration

Related Identifiers

Affected Products

References · 9