Vulnerability Description
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Workstation | 7.0 |
| Microsoft | Windows | All versions |
| Vmware | Player | 3.0 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
- http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
- http://lists.vmware.com/pipermail/security-announce/2010/000090.htmlPatchVendor Advisory
- http://secunia.com/advisories/39206Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- http://securitytracker.com/id?1023834
- http://www.securityfocus.com/bid/39397
- http://www.vmware.com/security/advisories/VMSA-2010-0007.htmlPatchVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
- http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
- http://lists.vmware.com/pipermail/security-announce/2010/000090.htmlPatchVendor Advisory
- http://secunia.com/advisories/39206Vendor Advisory
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- http://securitytracker.com/id?1023834
- http://www.securityfocus.com/bid/39397
FAQ
What is CVE-2010-1140?
CVE-2010-1140 is a vulnerability with a CVSS score of 6.9 (MEDIUM). The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse pr...
How severe is CVE-2010-1140?
CVE-2010-1140 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1140?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation, Microsoft Windows, Vmware Player.