CVE-2011-2145
First published: Mon Jun 06 2011(Updated: )
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware ESX | =3.0.3 | |
| VMware ESX | =3.5 | |
| VMware ESX | =4.0 | |
| VMware ESX | =4.1 | |
| VMware ESXi | =3.5 | |
| VMware ESXi | =4.0 | |
| VMware ESXi | =4.1 | |
| VMware Fusion Pro | =3.1 | |
| VMware Fusion Pro | =3.1.1 | |
| VMware Fusion Pro | =3.1.2 | |
| VMware Player | =3.1 | |
| VMware Player | =3.1.1 | |
| VMware Player | =3.1.2 | |
| VMware Player | =3.1.3 | |
| VMware Workstation | =7.1.1 | |
| VMware Workstation | =7.1.2 | |
| VMware Workstation | =7.1.3 | |
| FreeBSD FreeBSD | ||
| Oracle Solaris SPARC |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vmware.com/security/advisories/VMSA-2011-0009.html
- https://hermes.opensuse.org/messages/8711677
- http://secunia.com/advisories/44904
- http://www.securitytracker.com/id?1025601
- http://secunia.com/advisories/44840
- http://www.securityfocus.com/bid/48098
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67815
Frequently Asked Questions
What is the severity of CVE-2011-2145?
CVE-2011-2145 is rated as a high-severity vulnerability affecting various VMware products.
How do I fix CVE-2011-2145?
To fix CVE-2011-2145, upgrade to the patched versions of VMware Workstation, Player, or Fusion as specified in VMware's security advisory.
Which versions are affected by CVE-2011-2145?
CVE-2011-2145 affects VMware Workstation versions prior to 7.1.4, Player before 3.1.4, Fusion before 3.1.3, and certain ESX/ESXi versions.
What types of systems are impacted by CVE-2011-2145?
CVE-2011-2145 impacts systems running Solaris or FreeBSD as guest operating systems within VMware products.
Is there a workaround for CVE-2011-2145?
There are no specific workarounds for CVE-2011-2145 other than upgrading to the secure software versions.
- collector/nvd-historical
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/vmware
- canonical/vmware esx
- version/vmware esx/3.0.3
- version/vmware esx/3.5
- version/vmware esx/4.0
- version/vmware esx/4.1
- canonical/vmware esxi
- version/vmware esxi/3.5
- version/vmware esxi/4.0
- version/vmware esxi/4.1
- canonical/vmware fusion pro
- version/vmware fusion pro/3.1
- version/vmware fusion pro/3.1.1
- version/vmware fusion pro/3.1.2
- canonical/vmware player
- version/vmware player/3.1
- version/vmware player/3.1.1
- version/vmware player/3.1.2
- version/vmware player/3.1.3
- canonical/vmware workstation
- version/vmware workstation/7.1.1
- version/vmware workstation/7.1.2
- version/vmware workstation/7.1.3
- vendor/freebsd
- canonical/freebsd freebsd
- vendor/oracle
- canonical/oracle solaris sparc