CVE-2010-4295

{"id": "CVE-2010-4295", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-12-06T21:05:49.403", "references": [{"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html", "tags": ["Mailing List", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/69585", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/42453", "tags": ["Broken Link", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/42482", "tags": ["Broken Link", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/45167", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1024819", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1024820", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3116", "tags": ["Broken Link", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html", "tags": ["Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/69585", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/42453", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/42482", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/45167", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1024819", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1024820", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/3116", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files."}, {"lang": "es", "value": "Condici\u00f3n de carrera en el proceso de montaje de vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux, y VMware Fusion 3.1.x anteriores a la 3.1.2 build 332101 permite a usuarios del SO anfitri\u00f3n escalar privilegios a trav\u00e9s de vectores que involucran archivos temporales."}], "lastModified": "2024-11-21T01:20:37.683", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE"}, {"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3"}, {"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E"}, {"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D"}, {"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900"}, {"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7"}, {"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B"}, {"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990"}, {"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}