{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2011-1787","title":"Title"},{"category":"description","text":"Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2011-1787","url":"https://www.suse.com/security/cve/CVE-2011-1787"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 673267 for CVE-2011-1787","url":"https://bugzilla.suse.com/673267"},{"category":"external","summary":"SUSE Bug 698172 for CVE-2011-1787","url":"https://bugzilla.suse.com/698172"}],"title":"SUSE CVE CVE-2011-1787","tracking":{"current_release_date":"2025-03-16T14:20:23Z","generator":{"date":"2023-02-15T05:53:15Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2011-1787","initial_release_date":"2023-02-15T05:53:15Z","revision_history":[{"date":"2023-02-15T05:53:15Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:06:01Z","number":"3","summary":"Current version"},{"date":"2025-03-14T07:48:45Z","number":"4","summary":"Current version"},{"date":"2025-03-16T14:20:23Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product":{"name":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP4 LTSS","product":{"name":"SUSE Linux Enterprise Server 11 SP4 LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_ltss:11:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-ESPOS","product":{"name":"SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc-espos:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15-LTSS","product":{"name":"SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_version","name":"libvmtools-devel","product":{"name":"libvmtools-devel","product_id":"libvmtools-devel","product_identification_helper":{"cpe":"cpe:2.3:a:vmware:open-vm-tools:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libvmtools-devel@?upstream=open-vm-tools.src.rpm"}}},{"category":"product_version","name":"libvmtools0","product":{"name":"libvmtools0","product_id":"libvmtools0","product_identification_helper":{"cpe":"cpe:2.3:a:vmware:open-vm-tools:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libvmtools0@?upstream=open-vm-tools.src.rpm"}}},{"category":"product_version","name":"open-vm-tools","product":{"name":"open-vm-tools","product_id":"open-vm-tools","product_identification_helper":{"cpe":"cpe:2.3:a:vmware:open-vm-tools:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/open-vm-tools@?upstream=open-vm-tools.src.rpm"}}},{"category":"product_version","name":"open-vm-tools-desktop","product":{"name":"open-vm-tools-desktop","product_id":"open-vm-tools-desktop","product_identification_helper":{"cpe":"cpe:2.3:a:vmware:open-vm-tools:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/open-vm-tools-desktop@?upstream=open-vm-tools.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libvmtools-devel as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:libvmtools-devel"},"product_reference":"libvmtools-devel","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libvmtools0 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:libvmtools0"},"product_reference":"libvmtools0","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:open-vm-tools"},"product_reference":"open-vm-tools","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools-desktop as component of SUSE Linux Enterprise High Performance Computing 15-LTSS","product_id":"SUSE Linux Enterprise High Performance Computing 15-LTSS:open-vm-tools-desktop"},"product_reference":"open-vm-tools-desktop","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools as component of SUSE Linux Enterprise Server 11 SP4 LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS:open-vm-tools"},"product_reference":"open-vm-tools","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools as component of SUSE Linux Enterprise Server 15-ESPOS","product_id":"SUSE Linux Enterprise Server 15-ESPOS:open-vm-tools"},"product_reference":"open-vm-tools","relates_to_product_reference":"SUSE Linux Enterprise Server 15-ESPOS"},{"category":"default_component_of","full_product_name":{"name":"libvmtools-devel as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:libvmtools-devel"},"product_reference":"libvmtools-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libvmtools0 as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:libvmtools0"},"product_reference":"libvmtools0","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:open-vm-tools"},"product_reference":"open-vm-tools","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools-desktop as component of SUSE Linux Enterprise Server 15-LTSS","product_id":"SUSE Linux Enterprise Server 15-LTSS:open-vm-tools-desktop"},"product_reference":"open-vm-tools-desktop","relates_to_product_reference":"SUSE Linux Enterprise Server 15-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libvmtools-devel as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:libvmtools-devel"},"product_reference":"libvmtools-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"libvmtools0 as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:libvmtools0"},"product_reference":"libvmtools0","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:open-vm-tools"},"product_reference":"open-vm-tools","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"open-vm-tools-desktop as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:open-vm-tools-desktop"},"product_reference":"open-vm-tools-desktop","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"}]},"vulnerabilities":[{"cve":"CVE-2011-1787","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2011-1787"}],"notes":[{"category":"general","text":"Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Linux Enterprise High Performance Computing 15-LTSS:libvmtools-devel","SUSE Linux Enterprise High Performance Computing 15-LTSS:libvmtools0","SUSE Linux Enterprise High Performance Computing 15-LTSS:open-vm-tools","SUSE Linux Enterprise High Performance Computing 15-LTSS:open-vm-tools-desktop","SUSE Linux Enterprise Server 11 SP4 LTSS:open-vm-tools","SUSE Linux Enterprise Server 15-ESPOS:open-vm-tools","SUSE Linux Enterprise Server 15-LTSS:libvmtools-devel","SUSE Linux Enterprise Server 15-LTSS:libvmtools0","SUSE Linux Enterprise Server 15-LTSS:open-vm-tools","SUSE Linux Enterprise Server 15-LTSS:open-vm-tools-desktop","SUSE Linux Enterprise Server for SAP Applications 15:libvmtools-devel","SUSE Linux Enterprise Server for SAP Applications 15:libvmtools0","SUSE Linux Enterprise Server for SAP Applications 15:open-vm-tools","SUSE Linux Enterprise Server for SAP Applications 15:open-vm-tools-desktop"]},"references":[{"category":"external","summary":"CVE-2011-1787","url":"https://www.suse.com/security/cve/CVE-2011-1787"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 673267 for CVE-2011-1787","url":"https://bugzilla.suse.com/673267"},{"category":"external","summary":"SUSE Bug 698172 for CVE-2011-1787","url":"https://bugzilla.suse.com/698172"}],"threats":[{"category":"impact","date":"2013-06-28T06:01:45Z","details":"moderate"}],"title":"CVE-2011-1787"}]}