CVE-2010-1142

CWE-2643 documents3 sources

Severity

8.5HIGH

EPSS

1.1%

top 21.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ACE Vmware ESX Vmware Esxi +4 more

Timeline

PublishedApr 12

Latest updateMay 2

Description

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages7 packages

▶NVDvmware/esxi3.5, 4.0+1

▶NVDvmware/fusion7 versions+6

▶NVDvmware/player4 versions+3

▶NVDvmware/server2.0.0, 2.0.1, 2.0.2+2

▶NVDvmware/workstation4 versions+3

Patches

Patch: lists.vmware.com ↗Patch: www.vmware.com ↗Patch: lists.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-4p33-j96h-vmj6: VMware Tools in VMware Workstation 6↗2022-05-02

▶

CVEList

CVE-2010-1142: VMware Tools in VMware Workstation 6↗2010-04-12

▶