VMware Fusion < 3.1.2 (VMSA-2010-0018)
High Nessus Plugin ID 51079
SynopsisThe remote host has an application that is affected by three security issues.
DescriptionThe version of VMware Fusion installed on the Mac OS X host is earlier than 3.1.2. Such versions are affected by three security issues :
- A race condition in the mounting process in vmware-mount in allows host OS users to gain privileges via vectors involving temporary files. (CVE-2010-4295)
- The VMware Tools update functionality allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a 'command injection' issue. (CVE-2010-4297)
- vmware-mount does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files. (CVE-2010-4296)
SolutionUpgrade to VMware Fusion 3.1.2 or later.