CVE-2010-1140
VMware Workstation <7.0.1-VMware Player <3.0.1 - Privilege Escalation
Title source: llmDescription
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.
References (8)
Core 8
Core References
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201209-25.xml
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39206
Patch, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2010-0007.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/39397
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023834
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
Scores
EPSS
0.0009
EPSS Percentile
25.3%
Details
CWE
CWE-264
Status
published
Products (2)
vmware/player
3.0
vmware/workstation
7.0
Published
Apr 12, 2010
Tracked Since
Feb 18, 2026