CVE-2010-4296
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux, y VMware Fusion 3.1.x anteriores a la 3.1.2 build 332101 no carga apropiadamente las librerías, lo que permite a los usuarios del SO base escalar privilegios a través de vectores que involucran ficheros objeto compartidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-11-18 CVE Reserved
- 2010-12-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/69584 | Broken Link | |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | Broken Link | |
| http://www.securityfocus.com/bid/45168 | Broken Link | |
| http://www.securitytracker.com/id?1024819 | Broken Link | |
| http://www.securitytracker.com/id?1024820 | Broken Link | |
| http://www.vupen.com/english/advisories/2010/3116 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | 2022-12-14 | |
| http://secunia.com/advisories/42453 | 2022-12-14 | |
| http://secunia.com/advisories/42482 | 2022-12-14 | |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | 2022-12-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.0 Search vendor "Vmware" for product "Workstation" and version "7.0" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.0.1 Search vendor "Vmware" for product "Workstation" and version "7.0.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.1 Search vendor "Vmware" for product "Workstation" and version "7.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.1.1 Search vendor "Vmware" for product "Workstation" and version "7.1.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 7.1.2 Search vendor "Vmware" for product "Workstation" and version "7.1.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.1 Search vendor "Vmware" for product "Player" and version "3.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.1.1 Search vendor "Vmware" for product "Player" and version "3.1.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 3.1.2 Search vendor "Vmware" for product "Player" and version "3.1.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Server Search vendor "Vmware" for product "Server" | 2.0.2 Search vendor "Vmware" for product "Server" and version "2.0.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 3.1 Search vendor "Vmware" for product "Fusion" and version "3.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 3.1.1 Search vendor "Vmware" for product "Fusion" and version "3.1.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | 3.1.2 Search vendor "Vmware" for product "Fusion" and version "3.1.2" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|