CVE-2011-1126

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-1126

6.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

V

Mware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.

References
Link Resource
http://lists.vmware.com/pipermail/security-announce/2011/000131.html Vendor Advisory
http://secunia.com/advisories/43885 Vendor Advisory
http://secunia.com/advisories/43943 Vendor Advisory
http://securityreason.com/securityalert/8173
http://securitytracker.com/id?1025270
http://www.securityfocus.com/archive/1/517240/100/0/threaded
http://www.securityfocus.com/bid/47094
http://www.vmware.com/security/advisories/VMSA-2011-0006.html Vendor Advisory
http://www.vupen.com/english/advisories/2011/0816 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66472
http://lists.vmware.com/pipermail/security-announce/2011/000131.html Vendor Advisory
http://secunia.com/advisories/43885 Vendor Advisory
http://secunia.com/advisories/43943 Vendor Advisory
http://securityreason.com/securityalert/8173
http://securitytracker.com/id?1025270
http://www.securityfocus.com/archive/1/517240/100/0/threaded
http://www.securityfocus.com/bid/47094
http://www.vmware.com/security/advisories/VMSA-2011-0006.html Vendor Advisory
http://www.vupen.com/english/advisories/2011/0816 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66472
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:vmware:vix_api:1.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vix_api:1.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

21 Nov 2024, 01:25

Type Values Removed Values Added
References () http://lists.vmware.com/pipermail/security-announce/2011/000131.html - Vendor Advisory () http://lists.vmware.com/pipermail/security-announce/2011/000131.html - Vendor Advisory
References () http://secunia.com/advisories/43885 - Vendor Advisory () http://secunia.com/advisories/43885 - Vendor Advisory
References () http://secunia.com/advisories/43943 - Vendor Advisory () http://secunia.com/advisories/43943 - Vendor Advisory
References () http://securityreason.com/securityalert/8173 - () http://securityreason.com/securityalert/8173 -
References () http://securitytracker.com/id?1025270 - () http://securitytracker.com/id?1025270 -
References () http://www.securityfocus.com/archive/1/517240/100/0/threaded - () http://www.securityfocus.com/archive/1/517240/100/0/threaded -
References () http://www.securityfocus.com/bid/47094 - () http://www.securityfocus.com/bid/47094 -
References () http://www.vmware.com/security/advisories/VMSA-2011-0006.html - Vendor Advisory () http://www.vmware.com/security/advisories/VMSA-2011-0006.html - Vendor Advisory
References () http://www.vupen.com/english/advisories/2011/0816 - Vendor Advisory () http://www.vupen.com/english/advisories/2011/0816 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/66472 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/66472 -
Information

Published : 2011-04-04 12:27

Updated : 2025-04-11 00:51

NVD link : CVE-2011-1126

Mitre link : CVE-2011-1126

CVE.ORG link : CVE-2011-1126

JSON object : View

Products Affected

vmware

linux

CWE
CWE-264

Permissions, Privileges, and Access Controls