VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor advisory |
| http://secunia.com/advisories/39206 | third party advisory vendor advisory |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing list patch vendor advisory |
| http://www.securityfocus.com/bid/39394 | vdb entry |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing list |
| http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt | |
| http://www.securitytracker.com/id?1023833 | vdb entry |
| http://secunia.com/advisories/39198 | third party advisory vendor advisory |
| http://www.securitytracker.com/id?1023832 | vdb entry |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | patch vendor advisory |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing list |