Search for vulnerabilities
Vulnerability details: VCID-4wm6-we6u-aaap
Vulnerability ID VCID-4wm6-we6u-aaap
Aliases CVE-2010-1138
Summary The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00701 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00989 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00989 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00989 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.00989 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
epss 0.01019 https://api.first.org/data/v1/epss?cve=CVE-2010-1138
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2010-1138
Reference id Reference type URL
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
http://osvdb.org/63607
https://api.first.org/data/v1/epss?cve=CVE-2010-1138
http://secunia.com/advisories/39203
http://secunia.com/advisories/39206
http://secunia.com/advisories/39215
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.securityfocus.com/bid/39395
http://www.securitytracker.com/id?1023836
http://www.vmware.com/security/advisories/VMSA-2010-0007.html
cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*
CVE-2010-1138 https://nvd.nist.gov/vuln/detail/CVE-2010-1138
GLSA-201209-25 https://security.gentoo.org/glsa/201209-25
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2010-1138
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.80701
EPSS Score 0.00701
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.