high
8.5
CWE
264
Advisory Published
Updated

CVE-2010-1142

First published: Mon Apr 12 2010(Updated: )

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
VMware Workstation=6.5.0
VMware Workstation=6.5.1
VMware Workstation=6.5.2
VMware Workstation=6.5.3
Microsoft Windows
VMware Player=2.5
VMware Player=2.5.1
VMware Player=2.5.2
VMware Player=2.5.3
VMware ACE=2.5.0
VMware ACE=2.5.1
VMware ACE=2.5.2
VMware ACE=2.5.3
VMware Server=2.0.0
VMware Server=2.0.1
VMware Server=2.0.2
VMware Fusion Pro=2.0
VMware Fusion Pro=2.0.1
VMware Fusion Pro=2.0.2
VMware Fusion Pro=2.0.3
VMware Fusion Pro=2.0.4
VMware Fusion Pro=2.0.5
VMware Fusion Pro=3.0
VMware ESXi=3.5
VMware ESXi=4.0
VMware ESX=2.5.5
VMware ESX=3.0.3
VMware ESX=3.5
VMware ESX=4.0

Remedy

http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Remedy

http://www.vmware.com/security/advisories/VMSA-2010-0007.html

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2010-1142?

    CVE-2010-1142 is classified as a high severity vulnerability due to potential privilege escalation risks.

  • How do I fix CVE-2010-1142?

    To remedy CVE-2010-1142, upgrade VMware Tools to version 6.5.4 or later for affected VMware products.

  • Which VMware products are affected by CVE-2010-1142?

    CVE-2010-1142 affects VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware Fusion, and VMware ESXi versions prior to specified patches.

  • What is the impact of CVE-2010-1142?

    The impact of CVE-2010-1142 is primarily privilege escalation, potentially allowing unauthorized users to gain administrative access.

  • When was CVE-2010-1142 discovered?

    CVE-2010-1142 was disclosed in April 2010, involving multiple vulnerabilities in VMware products.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203