Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 497832

Summary: <app-emulation/vmware-{player-5.0.3,workstation-9.0.3}: Priv escalation (CVE-2013-5972)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: vadimk
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~1 [ebuild]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2014-01-11 22:28:59 UTC 
CVE-2013-5972 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5972):
  VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on
  Linux do not properly handle shared libraries, which allows host OS users to
  gain host OS privileges via unspecified vectors.
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2014-04-12 18:51:14 UTC 
Bumped and all vulnerable versions removed. Thanks.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-03-01 13:47:47 UTC 
vulnerable versions removed years ago.  No GLSA as the original package versions were unstable and now removed