CVE-2010-1142

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
vmwareworkstation
6.5.0
vmwareworkstation
6.5.1
vmwareworkstation
6.5.2
vmwareworkstation
6.5.3
vmwareplayer
2.5
vmwareplayer
2.5.1
vmwareplayer
2.5.2
vmwareplayer
2.5.3
vmwareace
2.5.0
vmwareace
2.5.1
vmwareace
2.5.2
vmwareace
2.5.3
vmwareserver
2.0.0
vmwareserver
2.0.1
vmwareserver
2.0.2
vmwarefusion
2.0
vmwarefusion
2.0.1
vmwarefusion
2.0.2
vmwarefusion
2.0.3
vmwarefusion
2.0.4
vmwarefusion
2.0.5
vmwarefusion
3.0
vmwareesxi
3.5
vmwareesxi
4.0
vmwareesx
2.5.5
vmwareesx
3.0.3
vmwareesx
3.5
vmwareesx
4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
http://secunia.com/advisories/39198
http://secunia.com/advisories/39206
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt
http://www.securityfocus.com/bid/39394
http://www.securitytracker.com/id?1023832
http://www.securitytracker.com/id?1023833
http://www.vmware.com/security/advisories/VMSA-2010-0007.html
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
http://secunia.com/advisories/39198
http://secunia.com/advisories/39206
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt
http://www.securityfocus.com/bid/39394
http://www.securitytracker.com/id?1023832
http://www.securitytracker.com/id?1023833
http://www.vmware.com/security/advisories/VMSA-2010-0007.html