CVE-2010-3277
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.
El instalador en VMware Workstation v7.x anterior v7.1.2 build 301548 y VMware Player v3.x anterior v3.1.2 build 301548 lanza un fichero index.htm si se presenta en el directorio de instalación, lo que puede permitir a usuarios locales provocar una interpretación no prevista de código web o HTML por la creación de dicho archivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-09-09 CVE Reserved
- 2010-09-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000105.html | Mailing List | |
| http://securitytracker.com/id?1024481 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/41574 | 2010-09-29 | |
| http://www.vmware.com/security/advisories/VMSA-2010-0014.html | 2010-09-29 | |
| http://www.vupen.com/english/advisories/2010/2491 | 2010-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.0 Search vendor "Vmware" for product "Workstation" and version "7.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.0.1 Search vendor "Vmware" for product "Workstation" and version "7.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.1 Search vendor "Vmware" for product "Workstation" and version "7.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.1.1 Search vendor "Vmware" for product "Workstation" and version "7.1.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.0 Search vendor "Vmware" for product "Player" and version "3.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.0.1 Search vendor "Vmware" for product "Player" and version "3.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.1 Search vendor "Vmware" for product "Player" and version "3.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.1.1 Search vendor "Vmware" for product "Player" and version "3.1.1" | - |
Affected
| ||||||