Information disclosure vulnerability in open-vm-tools by extracting files from vm-support archive
|ID: oval:org.secpod.oval:def:21832||Date: (C)2014-12-03 (M)2017-11-27|
|Class: VULNERABILITY||Family: unix|
The host is installed with open-vm-tools before 9.4.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows local users to obtain sensitive information.
|Red Hat Enterprise Linux 7|