CVE-2010-4296
VMware Workstation/Player/Server/Fusion Privilege Escalation via Shared Object File Loading
Title source: llmDescription
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
References (10)
Core 10
Core References
Mailing List, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2010/000112.html
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45168
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514995/100/0/threaded
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42453
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024819
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42482
Broken Link, Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3116
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024820
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/69584
Scores
EPSS
0.0006
EPSS Percentile
20.1%
Details
CWE
CWE-863
Status
published
Products (12)
vmware/fusion
3.1
vmware/fusion
3.1.1
vmware/fusion
3.1.2
vmware/player
3.1
vmware/player
3.1.1
vmware/player
3.1.2
vmware/server
2.0.2
vmware/workstation
7.0
vmware/workstation
7.0.1
vmware/workstation
7.1
... and 2 more
Published
Dec 06, 2010
Tracked Since
Feb 18, 2026