Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 01:20
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.vmware.com/pipermail/security-announce/2010/000112.html - Mailing List, Vendor Advisory | |
References | () http://osvdb.org/69585 - Broken Link | |
References | () http://secunia.com/advisories/42453 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/42482 - Broken Link, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/514995/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/45167 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1024819 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1024820 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.vmware.com/security/advisories/VMSA-2010-0018.html - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2010/3116 - Broken Link, Vendor Advisory |
14 Dec 2022, 16:51
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* |
|
References | (SECUNIA) http://secunia.com/advisories/42482 - Broken Link, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/45167 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECTRACK) http://www.securitytracker.com/id?1024820 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MLIST) http://lists.vmware.com/pipermail/security-announce/2010/000112.html - Mailing List, Vendor Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id?1024819 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/42453 - Broken Link, Vendor Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/514995/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2010/3116 - Broken Link, Vendor Advisory | |
References | (OSVDB) http://osvdb.org/69585 - Broken Link |
Information
Published : 2010-12-06 21:05
Updated : 2024-11-21 01:20
NVD link : CVE-2010-4295
Mitre link : CVE-2010-4295
CVE.ORG link : CVE-2010-4295
JSON object : View
Products Affected
vmware
- workstation
- server
- player
- fusion
apple
- mac_os_x
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')