Auth bypass in Apple Mac_os_x
CVE-2010-4296
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libra…
Vulnerability class: Broken Access Control
EPSS: 0.001 (20.4th percentile) — read the EPSS interpretation.
Affected products
- Apple Mac_os_x
- Linux Linux_kernel
- Vmware Fusion — versions 3.1.1, 3.1.2, 3.1
- Vmware Player — versions 3.1.1, 3.1.2, 3.1
- Vmware Server — versions 2.0.2
- Vmware Workstation — versions 7.0, 7.0.1, 7.1.1
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- [security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues (Vendor Advisory, mailing-list, x_refsource_MLIST, Mailing List)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- 45168 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID, Broken Link)
- 20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues (mailing-list, x_refsource_BUGTRAQ, Third Party Advisory, VDB Entry, Broken Link)
- 42453 (x_refsource_SECUNIA, Broken Link, third-party-advisory, Vendor Advisory)
- 1024819 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK, Broken Link)
- 42482 (x_refsource_SECUNIA, Broken Link, third-party-advisory, Vendor Advisory)
- ADV-2010-3116 (Third Party Advisory, vdb-entry, x_refsource_VUPEN, Broken Link)
- 1024820 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK, Broken Link)
- 69584 (x_refsource_OSVDB, vdb-entry, Broken Link)
Frequently asked questions
- What is CVE-2010-4296?
- CVE-2010-4296 is a vulnerability in Apple Mac_os_x, classified under Incorrect Authorization. Published 2010-12-06.
- Is CVE-2010-4296 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.