CVE-2013-1662

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
vmwareworkstation
8.0
vmwareworkstation
8.0.0.18997
vmwareworkstation
8.0.1
vmwareworkstation
8.0.1.27038
vmwareworkstation
8.0.2
vmwareworkstation
8.0.3
vmwareworkstation
8.0.4
vmwareworkstation
8.0.5
vmwareworkstation
8.0.6
vmwareworkstation
9.0
vmwareworkstation
9.0.1
vmwareworkstation
9.0.2
vmwareplayer
4.0
vmwareplayer
4.0.0.18997
vmwareplayer
4.0.1
vmwareplayer
4.0.2
vmwareplayer
4.0.3
vmwareplayer
4.0.4
vmwareplayer
4.0.5
vmwareplayer
4.0.6
vmwareplayer
5.0
vmwareplayer
5.0.1
vmwareplayer
5.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blog.cmpxchg8b.com/2013/08/security-debianisms.html
http://www.vmware.com/security/advisories/VMSA-2013-0010.html
http://blog.cmpxchg8b.com/2013/08/security-debianisms.html
http://www.vmware.com/security/advisories/VMSA-2013-0010.html