6.9

CVE-2011-1787

Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.

Data is provided by the National Vulnerability Database (NVD)
VMwareWorkstation Version7.1.1
VMwareWorkstation Version7.1.2
VMwareWorkstation Version7.1.3
VMwarePlayer Version3.1
VMwarePlayer Version3.1.1
VMwarePlayer Version3.1.2
VMwarePlayer Version3.1.3
VMwareFusion Version3.1
VMwareFusion Version3.1.1
VMwareFusion Version3.1.2
VMwareEsx Version3.0.3
VMwareEsx Version3.5
VMwareEsx Version4.0
VMwareEsx Version4.1
VMwareEsxi Version3.5
VMwareEsxi Version4.0
VMwareEsxi Version4.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.209
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.