1. CVE-Search
  2. CVE-2010-4296
ID CVE-2010-4296
Summary vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
References
Vulnerable Configurations
  • cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 14-12-2022 - 16:45)
Impact:
Exploitability:
CWE CWE-863
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 45168
bugtraq 20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues
confirm http://www.vmware.com/security/advisories/VMSA-2010-0018.html
mlist [security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues
osvdb 69584
sectrack
  • 1024819
  • 1024820
secunia
  • 42453
  • 42482
vupen ADV-2010-3116
Last major update 14-12-2022 - 16:45
Published 06-12-2010 - 21:05
Last modified 14-12-2022 - 16:45
Back to Top