7.2

CVE-2010-4296

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareWorkstation Version7.0
   LinuxLinux Kernel Version-
VMwareWorkstation Version7.0.1
   LinuxLinux Kernel Version-
VMwareWorkstation Version7.1
   LinuxLinux Kernel Version-
VMwareWorkstation Version7.1.1
   LinuxLinux Kernel Version-
VMwareWorkstation Version7.1.2
   LinuxLinux Kernel Version-
VMwarePlayer Version3.1
   LinuxLinux Kernel Version-
VMwarePlayer Version3.1.1
   LinuxLinux Kernel Version-
VMwarePlayer Version3.1.2
   LinuxLinux Kernel Version-
VMwareServer Version2.0.2
   LinuxLinux Kernel Version-
VMwareFusion Version3.1
   ApplemacOS X Version-
VMwareFusion Version3.1.1
   ApplemacOS X Version-
VMwareFusion Version3.1.2
   ApplemacOS X Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.284
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://lists.vmware.com/pipermail/security-announce/2010/000112.html
Vendor Advisory
Mailing List
http://secunia.com/advisories/42482
Vendor Advisory
Broken Link
http://www.securityfocus.com/archive/1/514995/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1024819
Third Party Advisory
Broken Link
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3116
Third Party Advisory
Broken Link
http://secunia.com/advisories/42453
Vendor Advisory
Broken Link
http://www.securitytracker.com/id?1024820
Third Party Advisory
Broken Link
VDB Entry
http://osvdb.org/69584
Broken Link
http://www.securityfocus.com/bid/45168
Third Party Advisory
Broken Link
VDB Entry