497832 – <app-emulation/vmware-{player-5.0.3,workstation-9.0.3}: Priv escalation (CVE-2013-5972)

Bug 497832 - <app-emulation/vmware-{player-5.0.3,workstation-9.0.3}: Priv escalation (CVE-2013-5972)

Summary: <app-emulation/vmware-{player-5.0.3,workstation-9.0.3}: Priv escalation (CVE-...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	~1 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2014-01-11 22:28 UTC by GLSAMaker/CVETool Bot
Modified:	2016-03-01 13:47 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2014-01-11 22:28:59 UTC

CVE-2013-5972 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5972):
  VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on
  Linux do not properly handle shared libraries, which allows host OS users to
  gain host OS privileges via unspecified vectors.

Comment 1 Andreas K. Hüttel archtester

2014-04-12 18:51:14 UTC

Bumped and all vulnerable versions removed. Thanks.

Comment 2 Aaron Bauman (RETIRED) gentoo-dev

2016-03-01 13:47:47 UTC

vulnerable versions removed years ago.  No GLSA as the original package versions were unstable and now removed