CVE-2011-1787

EUVD-2011-1785
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
vmwareworkstation
7.1.1
vmwareworkstation
7.1.2
vmwareworkstation
7.1.3
vmwareplayer
3.1
vmwareplayer
3.1.1
vmwareplayer
3.1.2
vmwareplayer
3.1.3
vmwarefusion
3.1
vmwarefusion
3.1.1
vmwarefusion
3.1.2
vmwareesx
3.0.3
vmwareesx
3.5
vmwareesx
4.0
vmwareesx
4.1
vmwareesxi
3.5
vmwareesxi
4.0
vmwareesxi
4.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
open-vm-tools
bookworm
2:12.2.0-1+deb12u2
fixed
bookworm (security)
2:12.2.0-1+deb12u2
fixed
bullseye
2:11.2.5-2+deb11u3
fixed
bullseye (security)
2:11.2.5-2+deb11u3
fixed
lenny
no-dsa
sid
2:12.4.5-1
fixed
squeeze
no-dsa
trixie
2:12.4.5-1
fixed
Common Weakness Enumeration
References
http://secunia.com/advisories/44840
http://secunia.com/advisories/44904
http://www.securityfocus.com/bid/48098
http://www.securitytracker.com/id?1025601
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://hermes.opensuse.org/messages/8711677
http://secunia.com/advisories/44840
http://secunia.com/advisories/44904
http://www.securityfocus.com/bid/48098
http://www.securitytracker.com/id?1025601
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://hermes.opensuse.org/messages/8711677