CVE-2010-1141

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.

CVSS v2.0 8.5 HIGH

8.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html	Patch Vendor Advisory
http://secunia.com/advisories/39198	Vendor Advisory
http://secunia.com/advisories/39206	Vendor Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securitytracker.com/id?1023832
http://www.securitytracker.com/id?1023833
http://www.vmware.com/security/advisories/VMSA-2010-0007.html	Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html	Patch Vendor Advisory
http://secunia.com/advisories/39198	Vendor Advisory
http://secunia.com/advisories/39206	Vendor Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securitytracker.com/id?1023832
http://www.securitytracker.com/id?1023833
http://www.vmware.com/security/advisories/VMSA-2010-0007.html	Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:vmware:workstation:6.5.0:::::::*
	cpe:2.3:a:vmware:workstation:6.5.1:::::::*
	cpe:2.3:a:vmware:workstation:6.5.2:::::::*
	cpe:2.3:a:vmware:workstation:6.5.3:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:vmware:player:2.5:::::::*
	cpe:2.3:a:vmware:player:2.5.1:::::::*
	cpe:2.3:a:vmware:player:2.5.2:::::::*
	cpe:2.3:a:vmware:player:2.5.3:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:vmware:ace:2.5.0:::::::*
	cpe:2.3:a:vmware:ace:2.5.1:::::::*
	cpe:2.3:a:vmware:ace:2.5.2:::::::*
	cpe:2.3:a:vmware:ace:2.5.3:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:a:vmware:server:2.0.0:::::::*
	cpe:2.3:a:vmware:server:2.0.1:::::::*
	cpe:2.3:a:vmware:server:2.0.2:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

OR	cpe:2.3:a:vmware:fusion:2.0:::::::*
	cpe:2.3:a:vmware:fusion:2.0.1:::::::*
	cpe:2.3:a:vmware:fusion:2.0.2:::::::*
	cpe:2.3:a:vmware:fusion:2.0.3:::::::*
	cpe:2.3:a:vmware:fusion:2.0.4:::::::*
	cpe:2.3:a:vmware:fusion:2.0.5:::::::*
	cpe:2.3:a:vmware:fusion:3.0:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

OR	cpe:2.3:a:vmware:esxi:3.5:::::::*
	cpe:2.3:a:vmware:esxi:4.0:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

OR	cpe:2.3:a:vmware:esx:2.5.5:::::::*
	cpe:2.3:a:vmware:esx:3.0.3:::::::*
	cpe:2.3:a:vmware:esx:3.5:::::::*
	cpe:2.3:a:vmware:esx:4.0:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:13

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html -~~	() http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html -
References	~~() http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html -~~	() http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html -
References	~~() http://lists.vmware.com/pipermail/security-announce/2010/000090.html - Patch, Vendor Advisory~~	() http://lists.vmware.com/pipermail/security-announce/2010/000090.html - Patch, Vendor Advisory
References	~~() http://secunia.com/advisories/39198 - Vendor Advisory~~	() http://secunia.com/advisories/39198 - Vendor Advisory
References	~~() http://secunia.com/advisories/39206 - Vendor Advisory~~	() http://secunia.com/advisories/39206 - Vendor Advisory
References	~~() http://security.gentoo.org/glsa/glsa-201209-25.xml -~~	() http://security.gentoo.org/glsa/glsa-201209-25.xml -
References	~~() http://www.securitytracker.com/id?1023832 -~~	() http://www.securitytracker.com/id?1023832 -
References	~~() http://www.securitytracker.com/id?1023833 -~~	() http://www.securitytracker.com/id?1023833 -
References	~~() http://www.vmware.com/security/advisories/VMSA-2010-0007.html - Patch, Vendor Advisory~~	() http://www.vmware.com/security/advisories/VMSA-2010-0007.html - Patch, Vendor Advisory
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020 -

Information

Published : 2010-04-12 18:30

Updated : 2024-11-21 01:13

NVD link : CVE-2010-1141

Mitre link : CVE-2010-1141

CVE.ORG link : CVE-2010-1141

JSON object : View

Products Affected

vmware

ace
player
esxi
server
esx
fusion
workstation

microsoft

windows

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2010-1141", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-04-12T18:30:00.663", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html", "source": "cve@mitre.org"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39198", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39206", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1023832", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1023833", "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/39198", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/39206", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1023832", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1023833", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share."}, {"lang": "es", "value": "VMware Tools en VMware Workstation v6.5.x before v6.5.4 build v246459; VMware Player v2.5.x anterior a v2.5.4 build 246459; VMware ACE v2.5.x anterior a v2.5.4 build 246459; VMware Server v2.x anterior a v2.0.2 build 203138; VMware Fusion v2.x anterior a v2.0.6 build 246742; VMware ESXi v3.5 y v4.0; y VMware ESX 2.5.5, 3.0.3, 3.5, y 4.0 no accede adecuadamente a las bibliotecas de acceso, lo cual permite a atacantes remotos ayudados por usuarios ejecutar c\u00f3digo a su elecci\u00f3n al enga\u00f1ar a un usuario en un cliente Windows OS a hacer clic en un archivo que se almacena en un recurso compartido de red."}], "lastModified": "2024-11-21T01:13:44.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F"}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627"}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E"}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02"}, {"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC"}, {"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D"}, {"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886"}, {"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528"}, {"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473"}, {"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF"}, {"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130"}, {"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8"}, {"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88"}, {"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673"}, {"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8"}, {"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8"}, {"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF"}, {"criteria": "cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26B7268F-A170-4366-9196-E73A956883DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD"}, {"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B037838B-072E-4676-9E5D-86F5BC207512"}, {"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34"}, {"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35"}, {"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}