CVE-2014-4200

EUVD-2014-4129
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
vmwaretools
*
vmwarevm-support
0.88
vmwareworkstation
𝑥
≤ 10.0.3
vmwareworkstation
10.0
vmwareworkstation
10.0.1
vmwareworkstation
10.0.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
open-vm-tools
bookworm
2:12.2.0-1+deb12u2
fixed
bookworm (security)
2:12.2.0-1+deb12u2
fixed
bullseye
2:11.2.5-2+deb11u3
fixed
bullseye (security)
2:11.2.5-2+deb11u3
fixed
sid
2:12.4.5-1
fixed
squeeze
no-dsa
trixie
2:12.4.5-1
fixed
wheezy
no-dsa
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2014/Aug/71
http://www.securityfocus.com/bid/69410
http://www.securitytracker.com/id/1030758
https://exchange.xforce.ibmcloud.com/vulnerabilities/95494
http://seclists.org/fulldisclosure/2014/Aug/71
http://www.securityfocus.com/bid/69410
http://www.securitytracker.com/id/1030758
https://exchange.xforce.ibmcloud.com/vulnerabilities/95494