Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
| Link | Tags |
|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | mailing list vendor advisory |
| http://osvdb.org/69585 | vdb entry broken link |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | vendor advisory |
| http://www.securityfocus.com/bid/45167 | vdb entry third party advisory broken link |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | mailing list vdb entry third party advisory broken link |
| http://secunia.com/advisories/42453 | broken link third party advisory vendor advisory |
| http://www.securitytracker.com/id?1024819 | vdb entry third party advisory broken link |
| http://secunia.com/advisories/42482 | broken link third party advisory vendor advisory |
| http://www.vupen.com/english/advisories/2010/3116 | vdb entry broken link vendor advisory |
| http://www.securitytracker.com/id?1024820 | vdb entry third party advisory broken link |