VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2427
studio: VMware Studio 2.0 does not properly write to tempor...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2427

Original

VMware Studio 2.0 does not properly write to temporary files, which allows local users to gain privileges via unspecified vectors.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-07-22
Source Information Category:
Advisory, Alert
Last Updated:
2010-07-22




Affected Product Tags
cpe:/a:vmware:studio:2.0
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

X Local [?]
Adjacent Network [?]
Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
Alternatives




References
BID 41568




BUGTRAQ 20100713 VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.




CONFIRM http://www.wmware.com/security/advisories/VMSA-2010-0011.html




MLIST [security-announce] 20100712 VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0




SECTRACK 1024187




SECUNIA 40507




VUPEN ADV-2010-1791




Vulnerability Type Permissions, Privileges, and Access Control (CWE-264)




XF studio-tmp-files-privilege-escalation(60351)




Copyright © 2010 JPCERT/CC All Rights Reserved.