CVE-2010-4296

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.

Published: Dec 6, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4296
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-863
CWE-264

Affected Software
References

Software	From	Fixed in
vmware / workstation	7.0	7.0.x
vmware / workstation	7.0.1	7.0.1.x
vmware / workstation	7.1	7.1.x
vmware / workstation	7.1.1	7.1.1.x
vmware / workstation	7.1.2	7.1.2.x
vmware / player	3.1	3.1.x
vmware / player	3.1.1	3.1.1.x
vmware / player	3.1.2	3.1.2.x
vmware / server	2.0.2	2.0.2.x
vmware / fusion	3.1	3.1.x
vmware / fusion	3.1.1	3.1.1.x
vmware / fusion	3.1.2	3.1.2.x

http://lists.vmware.com/pipermail/security-announce/2010/000112.html
http://osvdb.org/69584
http://secunia.com/advisories/42453
http://secunia.com/advisories/42482
http://www.securityfocus.com/archive/1/514995/100/0/threaded
http://www.securityfocus.com/bid/45168
http://www.securitytracker.com/id?1024819
http://www.securitytracker.com/id?1024820
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
http://www.vupen.com/english/advisories/2010/3116

Vulnerability Database

289,599

CVE-2010-4296