7.2
CVE-2010-4296
- EPSS 0.37%
- Veröffentlicht 06.12.2010 21:05:49
- Zuletzt bearbeitet 16.06.2026 23:24:31
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Workstation Version7.0
VMware ≫ Workstation Version7.0.1
VMware ≫ Workstation Version7.1
VMware ≫ Workstation Version7.1.1
VMware ≫ Workstation Version7.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.284 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
http://lists.vmware.com/pipermail/security-announce/2010/000112.html
http://secunia.com/advisories/42482
http://www.securityfocus.com/archive/1/514995/100/0/threaded
http://www.securitytracker.com/id?1024819
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
http://www.vupen.com/english/advisories/2010/3116
http://secunia.com/advisories/42453
http://www.securitytracker.com/id?1024820
http://osvdb.org/69584
http://www.securityfocus.com/bid/45168