VMware Workstation 6.5.0/6.5.1/6.5.2/6.5.3 Libraries Stored access control
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 9.5 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as critical has been discovered in VMware Workstation 6.5.0/6.5.1/6.5.2/6.5.3. This affects an unknown function of the component Libraries. Such manipulation leads to access control (Stored). This vulnerability is documented as CVE-2010-1141. There is not any exploit available. It is advisable to upgrade the affected component.
Details
A vulnerability was found in VMware Workstation 6.5.0/6.5.1/6.5.2/6.5.3 (Virtualization Software). It has been rated as critical. Affected by this issue is an unknown functionality of the component Libraries. The manipulation with an unknown input leads to a access control vulnerability (Stored). Using CWE to declare the problem leads to CWE-264. Impacted is confidentiality, integrity, and availability. CVE summarizes:
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.
The weakness was released 04/12/2010 by Mitja Kolsek with ACROS Security (Website). The advisory is shared for download at vmware.com. This vulnerability is handled as CVE-2010-1141. The attack may be launched remotely. The successful exploitation needs a simple authentication. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1068.
The vulnerability scanner Nessus provides a plugin with the ID 62383 (GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Gentoo Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 117774 (VMware Hosted Products, vCenter Server and ESX Multiple Security Issues (VMSA-2010-0007)).
Upgrading to version 2.0.0 eliminates this vulnerability.
The vulnerability is also documented in the databases at Tenable (62383), SecurityFocus (BID 39392†), Secunia (SA39198†), SecurityTracker (ID 1023832†) and Vulnerability Center (SBV-25450†). Entries connected to this vulnerability are available at VDB-41601, VDB-41600, VDB-41599 and VDB-41598. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.vmware.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.9VulDB Meta Temp Score: 9.5
VulDB Base Score: 9.9
VulDB Temp Score: 9.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Name: StoredClass: Access control / Stored
CWE: CWE-264
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 62383
Nessus Name: GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 103467
OpenVAS Name: VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Workstation 2.0.0
Timeline
03/29/2010 🔍04/09/2010 🔍
04/12/2010 🔍
04/12/2010 🔍
04/12/2010 🔍
04/18/2010 🔍
03/19/2015 🔍
04/26/2025 🔍
Sources
Vendor: vmware.comAdvisory: vmware.com
Researcher: Mitja Kolsek
Organization: ACROS Security
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2010-1141 (🔍)
GCVE (CVE): GCVE-0-2010-1141
GCVE (VulDB): GCVE-100-52676
OVAL: 🔍
IAVM: 🔍
SecurityFocus: 39392 - VMware Hosted Products VMware Tools Library Reference Remote Code Execution Vulnerability
Secunia: 39198
SecurityTracker: 1023832
Vulnerability Center: 25450 - VMware Tools in Multiple VMware Products Remote Arbitrary Code Execution Vulnerability, Medium
scip Labs: https://www.scip.ch/en/?labs.20060413
See also: 🔍
Entry
Created: 03/19/2015 12:22Updated: 04/26/2025 11:11
Changes: 03/19/2015 12:22 (66), 02/23/2017 10:24 (10), 09/07/2021 14:41 (4), 09/07/2021 14:42 (1), 12/08/2024 05:49 (15), 04/26/2025 11:11 (1)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.