CVE-2010-1141

12.04.2010, 18:30

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	8.5 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:S/C:C/I:C/A:C
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 89%

Vendor	Product	Version
vmware	workstation	6.5.0
vmware	workstation	6.5.1
vmware	workstation	6.5.2
vmware	workstation	6.5.3
vmware	player	2.5
vmware	player	2.5.1
vmware	player	2.5.2
vmware	player	2.5.3
vmware	ace	2.5.0
vmware	ace	2.5.1
vmware	ace	2.5.2
vmware	ace	2.5.3
vmware	server	2.0.0
vmware	server	2.0.1
vmware	server	2.0.2
vmware	fusion	2.0
vmware	fusion	2.0.1
vmware	fusion	2.0.2
vmware	fusion	2.0.3
vmware	fusion	2.0.4
vmware	fusion	2.0.5
vmware	fusion	3.0
vmware	esxi	3.5
vmware	esxi	4.0
vmware	esx	2.5.5
vmware	esx	3.0.3
vmware	esx	3.5
vmware	esx	4.0