Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware Workstation权限许可和访问控制漏洞
Vulnerability Description
VMware Workstation Player是美国威睿(VMware)公司的一套免费的简易虚拟机软件。该软件可提供简单的虚拟机功能。 VMware Workstation 7.1.2 build 301548之前的7.x版本和VMware Player 3.1.2 build 301548之前的3.x版本中的安装程序加载了一个不在当前工作目录的"index.htm"文件,如果在其安装目录下放置这个HTML文件,该文件就会被渲染。本地用户可以借助创建该文件来触发不可预料的web脚本或HTML译码。
CVSS Information
N/A
Vulnerability Type
N/A