Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-4296 | First vendor Publication | 2010-12-06 |
| Vendor | Cve | Last vendor Modification | 2022-12-14 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4296 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 | |
| Application | 3 | |
| Application | 1 | |
| Application | 5 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-03-16 | Name : VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple securi... File : nvt/gb_VMSA-2010-0018.nasl |
| 2010-12-13 | Name : VMware Products Memory Corruption and Buffer Overflow Vulnerability (Win) File : nvt/gb_vmware_prdts_mem_corruption_n_bof_vuln_win.nasl |
| 2010-12-13 | Name : VMware Products Multiple Local Privilege Escalation Vulnerabilities (Linux) File : nvt/gb_vmware_prdts_mult_loc_prev_escl_vuln_lin.nasl |
| 2010-12-13 | Name : VMware Products Tools Local Privilege Escalation Vulnerability (Linux) File : nvt/gb_vmware_prdts_tools_loc_prev_escl_vuln_lin.nasl |
| 2010-12-13 | Name : VMware Products Tools Local Privilege Escalation Vulnerability (Windows) File : nvt/gb_vmware_prdts_tools_loc_prev_escl_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 69584 | VMware Multiple Products vmware-mount Library Loading Arbitrary Code Execution VMware Workstation, Player, and Fusion contain a flaw related to the 'vmware-mount' utility when loading libraries. This may allow a local attacker to execute arbitrary code with root privileges. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-12-09 | IAVM : 2010-A-0168 - Multiple Vulnerabilities in VMware Products Severity : Category II - VMSKEY : V0025835 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0018_remote.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote host has an application that is affected by a security issue. File : macosx_fusion_2_0_8.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote host has an application that is affected by three security issues. File : macosx_fusion_3_1_2.nasl - Type : ACT_GATHER_INFO |
| 2010-12-07 | Name : The remote host has a virtualization application affected by multiple vulnera... File : vmware_multiple_vmsa_2010_0018.nasl - Type : ACT_GATHER_INFO |
| 2010-12-06 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0018.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2022-12-14 21:27:57 |
|
| 2020-05-23 00:26:56 |
|
| 2018-10-11 00:20:00 |
|
| 2016-06-28 18:22:52 |
|
| 2016-04-26 20:14:41 |
|
| 2014-02-17 10:58:39 |
|
| 2013-11-11 12:39:05 |
|
| 2013-05-10 23:37:17 |
|
