Vulnerability in Linux Linux_kernel
CVE-2011-1126
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
EPSS: 0.001 (21.5th percentile) — read the EPSS interpretation.
Affected products
- Linux Linux_kernel
- Vmware Vix_api — versions 1.0, 1.1, 1.1.1
- Vmware Workstation — versions 6.5.0, 6.5.1, 6.5.2
- N/a — versions n/a
Weakness classification (CWE)
References
- 1025270 (vdb-entry, x_refsource_SECTRACK)
- 43885 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- ADV-2011-0816 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- vmware-vmrun-privilege-escalation(66472) (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- [security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation (Vendor Advisory, mailing-list, x_refsource_MLIST)
- 20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation (mailing-list, x_refsource_BUGTRAQ)
- 43943 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 47094 (vdb-entry, x_refsource_BID)
- 8173 (x_refsource_SREASON, third-party-advisory)