CVE-2010-1139

CVE Database · CVE-2010-1139

CVE-2010-1139

· N/AModified

CVSS v3.1

N/A

EPSS

0.33%

Published

Apr 12, 2010

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.

Weaknesses (CWE)

CWE-134

Affected Products (22)

vmware · workstationvulnerable