NVD

Id
12673  
Name
CVE-2010-1139  
Description
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-04-12  
Modified Date
2013-05-14  
Seq
2010-1139  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
69559 12673 CVE-2010-1139 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues  View
69560 12673 CVE-2010-1139 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues  View
69561 12673 CVE-2010-1139 [security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues  View
69562 12673 CVE-2010-1139 GLSA-201209-25  View
69563 12673 CVE-2010-1139 39407  View
69564 12673 CVE-2010-1139 1023835  View
69565 12673 CVE-2010-1139 http://www.vmware.com/security/advisories/VMSA-2010-0007.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35587 JVNDB-2010-001367 複数の VMware 製品の vmrun における権限昇格の脆弱性 複数の VMware 製品の vmrun には、フォーマットストリングの処理に関して不備があるため、権限を取得される脆弱性が存在します。 CVE-2010-1139 43719 CVE-2010-1139 12673 7.2 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001367.html 2010-04-09 2010-05-07 View