cvelistv5 - cve-2011-1126

CVE-2011-1126 (GCVE-0-2011-1126)

Vulnerability from cvelistv5

Published

2011-04-01 21:00

Modified

2024-08-06 22:14

Severity ?

CWE

Summary

VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.

References

►

URL

Tags

cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2011/000131.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43885	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43943	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/8173
cve@mitre.org	http://securitytracker.com/id?1025270
cve@mitre.org	http://www.securityfocus.com/archive/1/517240/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/47094
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2011-0006.html	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0816	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/66472
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2011/000131.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43885	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43943	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8173
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025270
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/517240/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47094
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0006.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0816	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/66472

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.803Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1025270",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025270"
          },
          {
            "name": "43885",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43885"
          },
          {
            "name": "ADV-2011-0816",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0816"
          },
          {
            "name": "vmware-vmrun-privilege-escalation(66472)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
          },
          {
            "name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
          },
          {
            "name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
          },
          {
            "name": "43943",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43943"
          },
          {
            "name": "47094",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47094"
          },
          {
            "name": "8173",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8173"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1025270",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025270"
        },
        {
          "name": "43885",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43885"
        },
        {
          "name": "ADV-2011-0816",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0816"
        },
        {
          "name": "vmware-vmrun-privilege-escalation(66472)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
        },
        {
          "name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
        },
        {
          "name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
        },
        {
          "name": "43943",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43943"
        },
        {
          "name": "47094",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47094"
        },
        {
          "name": "8173",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8173"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1126",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1025270",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025270"
            },
            {
              "name": "43885",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43885"
            },
            {
              "name": "ADV-2011-0816",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0816"
            },
            {
              "name": "vmware-vmrun-privilege-escalation(66472)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
            },
            {
              "name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
            },
            {
              "name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
            },
            {
              "name": "43943",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43943"
            },
            {
              "name": "47094",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47094"
            },
            {
              "name": "8173",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8173"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1126",
    "datePublished": "2011-04-01T21:00:00",
    "dateReserved": "2011-03-02T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.803Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1126\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-04-04T12:27:38.157\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.\"},{\"lang\":\"es\",\"value\":\"VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilaci\u00f3n 385536 en Linux podr\u00eda permitir a usuarios locales conseguir privilegios a trav\u00e9s de un caballo de Troya en una librer\u00eda compartida en un directorio especificado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1A8908-15AE-43AF-A1F1-D17A00BB8BDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD28C4F9-2B04-45AA-9A23-313892FBCCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3F56B36-D0AA-4642-A35F-F2AD8A9AC82E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F80DE31-5B5D-41EF-9DC1-915AC88513A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"093CF496-09F2-4E2A-8B41-DD4B817704AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27E7EC42-023C-4536-B2DC-EC704337D73C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF7EE8C-AD9D-40D6-99A0-26758DB83EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9FDEEE1-BC47-4EE6-A56B-C7626D554019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98918409-9F58-4FBC-B5C1-4015B5E3C0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF0C3C01-6469-4985-A11F-EEF0BA71D6A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A06E17F-01B8-470C-B86C-A1BAB01E9C6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E10DEC6-2798-4960-8946-3A1682CC2990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:vix_api:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D78D8B5-400A-494E-A181-4ADBA8EB4246\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155AD4FB-E527-4103-BCEF-801B653DEA37\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8F3BFF-676B-4E2C-98BA-DCA71E49060F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3E658DA-56E8-49F0-B486-4EF622B63627\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"541D77A2-99C5-4CDB-877F-7E83E1E3369E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B53C0A-5A0C-4168-8AD3-F3E957AE8919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3684F0D0-B8BE-442B-AA27-0A485E6BFFAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A172221-19AB-4F7D-AA28-94AD5A6EFBF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB33DBC9-3B63-457E-A353-B9E7378211AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A31E93-7671-492E-A78F-89CF4703B04D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99ADA116-A571-4788-8DF2-09E8A2AF92F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2818FD22-8BC5-4803-8D62-D7C7C22556F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155AD4FB-E527-4103-BCEF-801B653DEA37\"}]}]}],\"references\":[{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2011/000131.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43885\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43943\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/8173\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1025270\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/517240/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/47094\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0816\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66472\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2011/000131.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43943\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/8173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1025270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/517240/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/47094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-j2qw-vv3p-xrvq

Vulnerability from github

Published

2022-05-14 02:56

Modified

2022-05-14 02:56

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-1126"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-04-04T12:27:00Z",
    "severity": "MODERATE"
  },
  "details": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.",
  "id": "GHSA-j2qw-vv3p-xrvq",
  "modified": "2022-05-14T02:56:10Z",
  "published": "2022-05-14T02:56:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1126"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43885"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43943"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/8173"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1025270"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/47094"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0816"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2011-1126

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2011-1126

Aliases

CVE-2011-1126

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-1126",
    "description": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.",
    "id": "GSD-2011-1126"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-1126"
      ],
      "details": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.",
      "id": "GSD-2011-1126",
      "modified": "2023-12-13T01:19:07.952954Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-1126",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1025270",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1025270"
          },
          {
            "name": "43885",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43885"
          },
          {
            "name": "ADV-2011-0816",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0816"
          },
          {
            "name": "vmware-vmrun-privilege-escalation(66472)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
          },
          {
            "name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
            "refsource": "MLIST",
            "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
          },
          {
            "name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
          },
          {
            "name": "43943",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43943"
          },
          {
            "name": "47094",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/47094"
          },
          {
            "name": "8173",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/8173"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:vix_api:1.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1126"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43943",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43943"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
            },
            {
              "name": "47094",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/47094"
            },
            {
              "name": "ADV-2011-0816",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0816"
            },
            {
              "name": "43885",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43885"
            },
            {
              "name": "1025270",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1025270"
            },
            {
              "name": "[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation",
              "refsource": "MLIST",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
            },
            {
              "name": "8173",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/8173"
            },
            {
              "name": "vmware-vmrun-privilege-escalation(66472)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
            },
            {
              "name": "20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-09T19:30Z",
      "publishedDate": "2011-04-04T12:27Z"
    }
  }
}

fkie_cve-2011-1126

Vulnerability from fkie_nvd

Published

2011-04-04 12:27

Modified

2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2011/000131.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43885	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43943	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/8173
cve@mitre.org	http://securitytracker.com/id?1025270
cve@mitre.org	http://www.securityfocus.com/archive/1/517240/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/47094
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2011-0006.html	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0816	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/66472
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2011/000131.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43885	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43943	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8173
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025270
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/517240/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47094
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0006.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0816	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/66472

Impacted products

Vendor	Product	Version
vmware	vix_api	1.0
vmware	vix_api	1.1
vmware	vix_api	1.1.1
vmware	vix_api	1.1.2
vmware	vix_api	1.1.3
vmware	vix_api	1.1.4
vmware	vix_api	1.1.5
vmware	vix_api	1.6.0
vmware	vix_api	1.6.1
vmware	vix_api	1.7
vmware	vix_api	1.8
vmware	vix_api	1.8.1
vmware	vix_api	1.9
linux	linux_kernel	*
vmware	workstation	6.5.0
vmware	workstation	6.5.1
vmware	workstation	6.5.2
vmware	workstation	6.5.3
vmware	workstation	6.5.4
vmware	workstation	6.5.5
vmware	workstation	7.0
vmware	workstation	7.0.1
vmware	workstation	7.1
vmware	workstation	7.1.1
vmware	workstation	7.1.2
vmware	workstation	7.1.3
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED1A8908-15AE-43AF-A1F1-D17A00BB8BDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD28C4F9-2B04-45AA-9A23-313892FBCCEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F56B36-D0AA-4642-A35F-F2AD8A9AC82E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F80DE31-5B5D-41EF-9DC1-915AC88513A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "093CF496-09F2-4E2A-8B41-DD4B817704AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E7EC42-023C-4536-B2DC-EC704337D73C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF7EE8C-AD9D-40D6-99A0-26758DB83EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9FDEEE1-BC47-4EE6-A56B-C7626D554019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98918409-9F58-4FBC-B5C1-4015B5E3C0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF0C3C01-6469-4985-A11F-EEF0BA71D6A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A06E17F-01B8-470C-B86C-A1BAB01E9C6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E10DEC6-2798-4960-8946-3A1682CC2990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vix_api:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D78D8B5-400A-494E-A181-4ADBA8EB4246",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3684F0D0-B8BE-442B-AA27-0A485E6BFFAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A172221-19AB-4F7D-AA28-94AD5A6EFBF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory."
    },
    {
      "lang": "es",
      "value": "VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilaci\u00f3n 385536 en Linux podr\u00eda permitir a usuarios locales conseguir privilegios a trav\u00e9s de un caballo de Troya en una librer\u00eda compartida en un directorio especificado."
    }
  ],
  "id": "CVE-2011-1126",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-04-04T12:27:38.157",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43885"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43943"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/8173"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1025270"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47094"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0816"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2011/000131.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/517240/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47094"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66472"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2011-1126 (GCVE-0-2011-1126)

Vulnerability from cvelistv5

ghsa-j2qw-vv3p-xrvq

Vulnerability from github

gsd-2011-1126

Vulnerability from gsd

fkie_cve-2011-1126

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature