CVE-2010-1142

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:13

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html - () http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html -
References () http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html - () http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html -
References () http://lists.vmware.com/pipermail/security-announce/2010/000090.html - Patch, Vendor Advisory () http://lists.vmware.com/pipermail/security-announce/2010/000090.html - Patch, Vendor Advisory
References () http://secunia.com/advisories/39198 - Vendor Advisory () http://secunia.com/advisories/39198 - Vendor Advisory
References () http://secunia.com/advisories/39206 - Vendor Advisory () http://secunia.com/advisories/39206 - Vendor Advisory
References () http://security.gentoo.org/glsa/glsa-201209-25.xml - () http://security.gentoo.org/glsa/glsa-201209-25.xml -
References () http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt - () http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt -
References () http://www.securityfocus.com/bid/39394 - () http://www.securityfocus.com/bid/39394 -
References () http://www.securitytracker.com/id?1023832 - () http://www.securitytracker.com/id?1023832 -
References () http://www.securitytracker.com/id?1023833 - () http://www.securitytracker.com/id?1023833 -
References () http://www.vmware.com/security/advisories/VMSA-2010-0007.html - Patch, Vendor Advisory () http://www.vmware.com/security/advisories/VMSA-2010-0007.html - Patch, Vendor Advisory

Information

Published : 2010-04-12 18:30

Updated : 2024-11-21 01:13


NVD link : CVE-2010-1142

Mitre link : CVE-2010-1142

CVE.ORG link : CVE-2010-1142


JSON object : View

Products Affected

vmware

  • ace
  • player
  • esxi
  • server
  • esx
  • fusion
  • workstation

microsoft

  • windows
CWE
CWE-264

Permissions, Privileges, and Access Controls