CVE-2010-4295
VMware Workstation/Player/Server/Fusion Privilege Escalation via Race Condition
Title source: llmDescription
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
References (10)
Core 10
Core References
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/69585
Mailing List, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2010/000112.html
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45167
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514995/100/0/threaded
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42453
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024819
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42482
Broken Link, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3116
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024820
Scores
EPSS
0.0006
EPSS Percentile
17.1%
Details
CWE
CWE-362
Status
published
Products (12)
vmware/fusion
3.1
vmware/fusion
3.1.1
vmware/fusion
3.1.2
vmware/player
3.1
vmware/player
3.1.1
vmware/player
3.1.2
vmware/server
2.0.2
vmware/workstation
7.0
vmware/workstation
7.0.1
vmware/workstation
7.1
... and 2 more
Published
Dec 06, 2010
Tracked Since
Feb 18, 2026