What is CVE-2013-1662?

CVE-2013-1662 is a vulnerability in Vmware Player, classified under CWE-264. Published 2013-08-24.

Is CVE-2013-1662 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Vmware Player

CVE-2013-1662

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use…

EPSS: 0.061 (91.0th percentile) — read the EPSS interpretation.

Affected products

Vmware Player — versions 4.0, 4.0.0.18997, 4.0.1
Vmware Workstation — versions 8.0, 8.0.0.18997, 8.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon
capturePointer/libxploit
dcppkieffjlpodter/libxploit
kostyll/libxploit

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-1662?: CVE-2013-1662 is a vulnerability in Vmware Player, classified under CWE-264. Published 2013-08-24.
Is CVE-2013-1662 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.