CVE-2010-4297
Description
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a command injection issue.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.126
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.1 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.2 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.3 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.4 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.5 | Mac |
| Vulnerabilities CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.6 | Mac |
| Vulnerabilities CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.7 | Mac |
| Vulnerabilities CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.8 | Mac |
| Multiple Vulnerabilities are affected in VMware Fusion for MAC 3.1 | Mac |
| Multiple Vulnerabilities are affected in VMware Fusion for MAC 3.1.1 | Mac |
| Multiple Vulnerabilities are affected in VMware Fusion for MAC 3.1.2 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.1 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.2 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.3 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.4 | Mac |
| Vulnerabilities CVE-2009-3281,CVE-2009-3282,CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.5 | Mac |
| Vulnerabilities CVE-2010-4297 are affected in VMware Fusion for MAC 2.0.6 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
| PATCH-605160 | VMware Fusion for MAC 13.0.2 (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234