Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-3277 | First vendor Publication | 2010-09-28 |
Vendor | Cve | Last vendor Modification | 2010-09-29 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2010-10-01 | Name : VMware Products Security Bypass Vulnerability (Linux) -Sep10 File : nvt/secpod_vmware_prdts_sec_bypass_vuln_lin_sep10.nasl |
2010-10-01 | Name : VMware Products Security Bypass Vulnerability (Win) -Sep10 File : nvt/secpod_vmware_prdts_sec_bypass_vuln_win_sep10.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68273 | VMware Multiple Products Installer index.htm File Rendering Local Script Mani... |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:12:18 |
|
2021-04-22 01:13:04 |
|
2020-05-23 00:26:25 |
|
2016-04-26 20:04:23 |
|
2013-05-10 23:32:02 |
|