[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-1142Date: (C)2010-04-12   (M)2023-12-22


VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.5
Exploit Score: 6.8
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1023832
SECTRACK-1023833
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
SECUNIA-39198
SECUNIA-39206
BID-39394
GLSA-201209-25
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt
http://www.vmware.com/security/advisories/VMSA-2010-0007.html

CPE    12
cpe:/a:vmware:server:2.0.0
cpe:/o:microsoft:windows
cpe:/a:vmware:player:2.5.3
cpe:/a:vmware:player:2.5.2
...
CWE    1
CWE-264

© SecPod Technologies