CVE-2010-1141

CWE-2644 documents4 sources

Severity

8.5HIGH

EPSS

5.5%

top 9.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ACE Vmware ESX Vmware Esxi +4 more

Timeline

PublishedApr 12

Latest updateMay 2

Description

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on …

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages7 packages

▶NVDvmware/esxi3.5, 4.0+1

▶NVDvmware/fusion7 versions+6

▶NVDvmware/player4 versions+3

▶NVDvmware/server2.0.0, 2.0.1, 2.0.2+2

▶NVDvmware/workstation4 versions+3

Patches

Patch: lists.vmware.com ↗Patch: www.vmware.com ↗Patch: lists.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-q95x-7x5m-676v: VMware Tools in VMware Workstation 6↗2022-05-02

▶

CVEList

CVE-2010-1141: VMware Tools in VMware Workstation 6↗2010-04-12

▶

💥Exploits & PoCs

Exploit-DB

NIPrint LPD - Request Overflow (Metasploit)↗2010-12-25

▶