CVE-2011-2146: Infoleak
First published: Mon Jun 06 2011(Updated: )
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation | =7.1.1 | |
| VMware Workstation | =7.1.2 | |
| VMware Workstation | =7.1.3 | |
| VMware Player | =3.1 | |
| VMware Player | =3.1.1 | |
| VMware Player | =3.1.2 | |
| VMware Player | =3.1.3 | |
| VMware Fusion Pro | =3.1 | |
| VMware Fusion Pro | =3.1.1 | |
| VMware Fusion Pro | =3.1.2 | |
| VMware ESX | =3.0.3 | |
| VMware ESX | =3.5 | |
| VMware ESX | =4.0 | |
| VMware ESX | =4.1 | |
| VMware ESXi | =3.5 | |
| VMware ESXi | =4.0 | |
| VMware ESXi | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/44840
- http://secunia.com/advisories/44904
- http://www.securityfocus.com/bid/48098
- http://www.securitytracker.com/id?1025601
- http://www.vmware.com/security/advisories/VMSA-2011-0009.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67813
- https://hermes.opensuse.org/messages/8711677
Frequently Asked Questions
What is the severity of CVE-2011-2146?
CVE-2011-2146 is classified as a vulnerability that can allow unauthorized access to host OS files by guest OS users, highlighting a potential security risk.
How do I fix CVE-2011-2146?
To mitigate CVE-2011-2146, upgrade to VMware Workstation 7.1.4, Player 3.1.4, Fusion 3.1.3, or later versions.
What systems are affected by CVE-2011-2146?
CVE-2011-2146 affects VMware Workstation versions 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, and certain versions of VMware ESXi and ESX.
What impact does CVE-2011-2146 have on VMware products?
CVE-2011-2146 allows guest OS users to discover the existence of certain host OS files, leading to potential data exposure.
Is there a workaround for CVE-2011-2146?
There are no documented workarounds for CVE-2011-2146; applying the latest updates is the recommended action.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/vmware
- canonical/vmware workstation
- version/vmware workstation/7.1.1
- version/vmware workstation/7.1.2
- version/vmware workstation/7.1.3
- canonical/vmware player
- version/vmware player/3.1
- version/vmware player/3.1.1
- version/vmware player/3.1.2
- version/vmware player/3.1.3
- canonical/vmware fusion pro
- version/vmware fusion pro/3.1
- version/vmware fusion pro/3.1.1
- version/vmware fusion pro/3.1.2
- canonical/vmware esx
- version/vmware esx/3.0.3
- version/vmware esx/3.5
- version/vmware esx/4.0
- version/vmware esx/4.1
- canonical/vmware esxi
- version/vmware esxi/3.5
- version/vmware esxi/4.0
- version/vmware esxi/4.1