CVE-2015-5191
published 2017-07-28CVE-2015-5191: VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of…
medium6.7CVSS 3.0
AVLACHPRLUIRSUCHIHAH
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | open-vm-tools | < open-vm-tools 2:10.1.5-5055683-5 (bookworm) | open-vm-tools 2:10.1.5-5055683-5 (bookworm) |
| vmware | open-vm-tools | >= 0 < 2:10.1.5-5055683-5 | 2:10.1.5-5055683-5 |
| vmware | open-vm-tools | >= 0 < 2:10.1.5-5055683-5 | 2:10.1.5-5055683-5 |
| vmware | open-vm-tools | >= 0 < 2:10.1.5-5055683-5 | 2:10.1.5-5055683-5 |
| vmware | open-vm-tools | >= 0 < 2:10.1.5-5055683-5 | 2:10.1.5-5055683-5 |
| vmware | tools | <= 10.0.8 | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_vcenter_server | — | — |
| vmware | vsphere | — | — |
CVSS provenance
nvdv3.06.7MEDIUMCVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
osv6.7MEDIUM