VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-3277
workstation, player: The installer in VMware Workstation 7.x before 7.1....
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3277

Original

The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-09-28
Source Information Category:
Advisory, Alert
Last Updated:
2010-09-29




Affected Product Tags
cpe:/a:vmware:player:3.0
cpe:/a:vmware:player:3.0.1
cpe:/a:vmware:player:3.1
cpe:/a:vmware:player:3.1.1
cpe:/a:vmware:workstation:7.0
cpe:/a:vmware:workstation:7.0.1
cpe:/a:vmware:workstation:7.1
cpe:/a:vmware:workstation:7.1.1
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

X Local [?]
Adjacent Network [?]
Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
CONFIRM http://www.vmware.com/security/advisories/VMSA-2010-0014.html




MLIST [security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues




SECTRACK 1024481




SECUNIA 41574




VUPEN ADV-2010-2491




Vulnerability Type Permissions, Privileges, and Access Control (CWE-264)




Copyright © 2010 JPCERT/CC All Rights Reserved.