CVE-2010-1140 — Vmware Player vulnerability

CWE-2644 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 74.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Player Vmware Workstation

Timeline

PublishedApr 12

Latest updateMay 2

Description

The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages2 packages

▶NVDvmware/player3.0

▶NVDvmware/workstation7.0

Patches

Patch: lists.vmware.com ↗Patch: www.vmware.com ↗Patch: lists.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-3r4h-rh4f-997w: The USB service in VMware Workstation 7↗2022-05-02

▶

CVEList

CVE-2010-1140: The USB service in VMware Workstation 7↗2010-04-12

▶