CVE-2010-4295

Published Dec 6, 2010

Last updated 3 months ago

CVSS info 6.9

Overview

Description: Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-362

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D"
          },
          {
            "criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900"
          },
          {
            "criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7"
          },
          {
            "criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B"
          },
          {
            "criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990"
          },
          {
            "criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References