Lucene search

MitreCVE-2010-1142

HistoryApr 12, 2010 - 6:30 p.m.

CVE-2010-1142

2010-04-1218:30:00

CWE-264

mitre

web.nvd.nist.gov

vmware

privilege escalation

cve-2010-1142

vulnerability

nvd

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

69.5%

JSON

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.

Affected configurations

Nvd

Node

vmwareworkstationMatch6.5.0

vmwareworkstationMatch6.5.1

vmwareworkstationMatch6.5.2

vmwareworkstationMatch6.5.3

AND

microsoftwindows

Node

vmwareplayerMatch2.5

vmwareplayerMatch2.5.1

vmwareplayerMatch2.5.2

vmwareplayerMatch2.5.3

AND

microsoftwindows

Node

vmwareaceMatch2.5.0

vmwareaceMatch2.5.1

vmwareaceMatch2.5.2

vmwareaceMatch2.5.3

AND

microsoftwindows

Node

vmwareserverMatch2.0.0

vmwareserverMatch2.0.1

vmwareserverMatch2.0.2

AND

microsoftwindows

Node

vmwarefusionMatch2.0

vmwarefusionMatch2.0.1

vmwarefusionMatch2.0.2

vmwarefusionMatch2.0.3

vmwarefusionMatch2.0.4

vmwarefusionMatch2.0.5

vmwarefusionMatch3.0

AND

microsoftwindows

Node

vmwareesxiMatch3.5

vmwareesxiMatch4.0

AND

microsoftwindows

Node

vmwareesxMatch2.5.5

vmwareesxMatch3.0.3

vmwareesxMatch3.5

vmwareesxMatch4.0

AND

microsoftwindows

VendorProductVersionCPE
vmwareworkstation6.5.0cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
vmwareworkstation6.5.1cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
vmwareworkstation6.5.2cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
vmwareworkstation6.5.3cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
vmwareplayer2.5cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*
vmwareplayer2.5.1cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*
vmwareplayer2.5.2cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*
vmwareplayer2.5.3cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*
vmwareace2.5.0cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	workstation	6.5.0	cpe:2.3:a:vmware:workstation:6.5.0:::::::*
vmware	workstation	6.5.1	cpe:2.3:a:vmware:workstation:6.5.1:::::::*
vmware	workstation	6.5.2	cpe:2.3:a:vmware:workstation:6.5.2:::::::*
vmware	workstation	6.5.3	cpe:2.3:a:vmware:workstation:6.5.3:::::::*
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::
vmware	player	2.5	cpe:2.3:a:vmware:player:2.5:::::::*
vmware	player	2.5.1	cpe:2.3:a:vmware:player:2.5.1:::::::*
vmware	player	2.5.2	cpe:2.3:a:vmware:player:2.5.2:::::::*
vmware	player	2.5.3	cpe:2.3:a:vmware:player:2.5.3:::::::*
vmware	ace	2.5.0	cpe:2.3:a:vmware:ace:2.5.0:::::::*