414701 – (CVE-2012-2449) <app-emulation/vmware-{workstation-8.0.3,player-4.0.3} : Two Privilege Escalation Vulnerabilities (CVE-2012-{2449,2450})

Bug 414701 (CVE-2012-2449) - <app-emulation/vmware-{workstation-8.0.3,player-4.0.3} : Two Privilege Escalation Vulnerabilities (CVE-2012-{2449,2450})

Summary: <app-emulation/vmware-{workstation-8.0.3,player-4.0.3} : Two Privilege Escala...

Status:	RESOLVED FIXED

Alias:	CVE-2012-2449

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:	https://secunia.com/advisories/49032/
Whiteboard:	~1 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2012-05-05 10:10 UTC by Agostino Sarubbo
Modified:	2012-05-06 03:50 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2012-05-05 10:10:23 UTC

From secunia security advisory at $URL:

Description
Two vulnerabilities have been reported in VMware Workstation, VMware Player, and VMware Fusion, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

For more information see vulnerabilities #3 and #4 in:
https://secunia.com/advisories/49019/

The vulnerability is reported in the following products:
* VMware Workstation prior to 8.0.3.
* VMware Player prior to 4.0.3.
* VMware Fusion prior to 4.1.2.

Comment 1 Vadim Kuznetsov (RETIRED) gentoo-dev

2012-05-05 17:28:25 UTC

VMware Workstation 8.0.3 and VMware Player 4.0.3 are in the tree. Thanks.

Comment 2 Tim Sammut (RETIRED) gentoo-dev

2012-05-06 03:50:10 UTC

Great, thank you. Resolving noglsa.