Search criteria
6 vulnerabilities found for vix_api by vmware
FKIE_CVE-2011-1126
Vulnerability from fkie_nvd - Published: 2011-04-04 12:27 - Updated: 2025-04-11 00:51
Severity ?
Summary
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vix_api | 1.0 | |
| vmware | vix_api | 1.1 | |
| vmware | vix_api | 1.1.1 | |
| vmware | vix_api | 1.1.2 | |
| vmware | vix_api | 1.1.3 | |
| vmware | vix_api | 1.1.4 | |
| vmware | vix_api | 1.1.5 | |
| vmware | vix_api | 1.6.0 | |
| vmware | vix_api | 1.6.1 | |
| vmware | vix_api | 1.7 | |
| vmware | vix_api | 1.8 | |
| vmware | vix_api | 1.8.1 | |
| vmware | vix_api | 1.9 | |
| linux | linux_kernel | * | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | workstation | 6.5.4 | |
| vmware | workstation | 6.5.5 | |
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED1A8908-15AE-43AF-A1F1-D17A00BB8BDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD28C4F9-2B04-45AA-9A23-313892FBCCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F56B36-D0AA-4642-A35F-F2AD8A9AC82E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F80DE31-5B5D-41EF-9DC1-915AC88513A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "093CF496-09F2-4E2A-8B41-DD4B817704AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27E7EC42-023C-4536-B2DC-EC704337D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF7EE8C-AD9D-40D6-99A0-26758DB83EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FDEEE1-BC47-4EE6-A56B-C7626D554019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98918409-9F58-4FBC-B5C1-4015B5E3C0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0C3C01-6469-4985-A11F-EEF0BA71D6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0A06E17F-01B8-470C-B86C-A1BAB01E9C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E10DEC6-2798-4960-8946-3A1682CC2990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1D78D8B5-400A-494E-A181-4ADBA8EB4246",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3684F0D0-B8BE-442B-AA27-0A485E6BFFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A172221-19AB-4F7D-AA28-94AD5A6EFBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
},
{
"lang": "es",
"value": "VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilaci\u00f3n 385536 en Linux podr\u00eda permitir a usuarios locales conseguir privilegios a trav\u00e9s de un caballo de Troya en una librer\u00eda compartida en un directorio especificado."
}
],
"id": "CVE-2011-1126",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-04-04T12:27:38.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43885"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43943"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8173"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025270"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/47094"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1139
Vulnerability from fkie_nvd - Published: 2010-04-12 18:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| linux | linux_kernel | * | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| linux | linux_kernel | * | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 2.0.6 | |
| vmware | vix_api | 1.6.0 | |
| vmware | vix_api | 1.6.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C47EB8-8844-4D49-9246-008F7AE45C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FDEEE1-BC47-4EE6-A56B-C7626D554019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98918409-9F58-4FBC-B5C1-4015B5E3C0FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en vmrun en VMware VIX API v1.6.x, VMware Workstation v6.5.x antes de v6.5.4 build 246459, VMware Player v2.5.x antes de v2.5.4 build 246.459, y VMware Server v2.x en Linux y VMware Fusion v2.x antes de v2.0.7 build 246.742, permite a usuarios locales conseguir privilegios a trav\u00e9s de especificadores de formato de cadenas en los metadatos de proceso."
}
],
"id": "CVE-2010-1139",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.587",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/63606"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39201"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-1126 (GCVE-0-2011-1126)
Vulnerability from cvelistv5 – Published: 2011-04-01 21:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1025270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025270",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1126",
"datePublished": "2011-04-01T21:00:00",
"dateReserved": "2011-03-02T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1139 (GCVE-0-2010-1139)
Vulnerability from cvelistv5 – Published: 2010-04-12 18:00 – Updated: 2024-08-07 01:14
VLAI?
Summary
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"refsource": "OSVDB",
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1139",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1126 (GCVE-0-2011-1126)
Vulnerability from nvd – Published: 2011-04-01 21:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1025270",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025270",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025270"
},
{
"name": "43885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43885"
},
{
"name": "ADV-2011-0816",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0816"
},
{
"name": "vmware-vmrun-privilege-escalation(66472)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
},
{
"name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
},
{
"name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
},
{
"name": "43943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43943"
},
{
"name": "47094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47094"
},
{
"name": "8173",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1126",
"datePublished": "2011-04-01T21:00:00",
"dateReserved": "2011-03-02T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1139 (GCVE-0-2010-1139)
Vulnerability from nvd – Published: 2010-04-12 18:00 – Updated: 2024-08-07 01:14
VLAI?
Summary
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"refsource": "OSVDB",
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1139",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}