Summary
The host is installed with VMWare Workstation local privilege escalation vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary code with elevated privileges, which may aid in other attacks.
Impact Level: System/Application
Solution
Apply the patch or upgrade workstation 7.1.4 build 385536 For updates refer to http://www.vmware.com/products/ws/
*****
NOTE: Ignore this warning, if above mentioned workaround is manually applied.
*****
Insight
The flaw is caused by an error in the 'vmrun' utility when handling library paths, which could be exploited to execute arbitrary code by tricking a user into running a vulnerable utility in a directory containing a specially crafted file.
Affected
VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux.
References
Severity
Classification
-
CVE CVE-2011-1126 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
- Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
- Apple Safari Web Script Execution Vulnerabilites - June09
- Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability
- Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Windows)