CVE-2009-1142
MEDIUMVMware open-vm-tools 2009.03.18-154848 - Privilege Escalation via Symlink Attack on /tmp Files
Title source: llmDescription
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.
References (2)
Core 2
Core References
Issue Tracking, Third Party Advisory
https://bugs.gentoo.org/264577
Release Notes, Third Party Advisory
https://github.com/vmware/open-vm-tools/releases/tag/2009.03.18-154848
Scores
CVSS v3
6.7
EPSS
0.0005
EPSS Percentile
14.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-59
Status
published
Products (1)
vmware/open_vm_tools
2009.03.18-154848
Published
Nov 23, 2022
Tracked Since
Feb 18, 2026