Rapid7 Vulnerability & Exploit Database

VMware Fusion: VMware Workstation, Player and Fusion vmware-mount race condition (VMSA-2010-0018) (CVE-2010-4295)

Back to Search

VMware Fusion: VMware Workstation, Player and Fusion vmware-mount race condition (VMSA-2010-0018) (CVE-2010-4295)

Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
12/06/2010
Created
07/25/2018
Added
02/18/2014
Modified
06/03/2016

Description

Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.

Solution(s)

  • vmware-fusion-upgrade-3_1_2

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;