[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-4295

Date: (C)2010-12-06   (M)2015-12-16 


Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.

CVSS Score: 6.9Access Vector: LOCAL
Exploit Score: 3.4Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1024819
SECTRACK-1024820
http://www.securityfocus.com/archive/1/archive/1/514995/100/0/threaded
SECUNIA-42453
SECUNIA-42482
BID-45167
OSVDB-69585
ADV-2010-3116
IAVM:2010-A-0168
http://lists.vmware.com/pipermail/security-announce/2010/000112.html
http://www.vmware.com/security/advisories/VMSA-2010-0018.html

CPE    12
cpe:/a:vmware:fusion:3.1.2
cpe:/a:vmware:fusion:3.1.1
cpe:/a:vmware:fusion:3.1
cpe:/a:vmware:server:2.0.2
...
CWE    1
CWE-362

© 2013 SecPod Technologies