{"id":"UBUNTU-CVE-2014-4199","details":"vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.","modified":"2026-04-22T09:44:21.548496Z","published":"2014-08-28T15:14:00Z","related":["USN-7714-1"],"upstream":["CVE-2014-4199"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-4199"},{"type":"REPORT","url":"http://seclists.org/fulldisclosure/2014/Aug/71"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2014-4199"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7714-1"}],"affected":[{"package":{"name":"open-vm-tools","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/open-vm-tools@2:9.4.0-1280544-5ubuntu6.4+esm1?arch=source&distro=esm-infra-legacy/trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:9.4.0-1280544-5ubuntu6.4+esm1"}]}],"versions":["2013.09.16-1328054-0ubuntu1","2013.09.16-1328054-0ubuntu2","2013.09.16-1328054-0ubuntu4","2013.09.16-1328054-0ubuntu5","2013.09.16-1328054-0ubuntu6","2:9.4.0-1280544-5","2:9.4.0-1280544-5ubuntu1","2:9.4.0-1280544-5ubuntu2","2:9.4.0-1280544-5ubuntu4","2:9.4.0-1280544-5ubuntu5","2:9.4.0-1280544-5ubuntu6","2:9.4.0-1280544-5ubuntu6.2","2:9.4.0-1280544-5ubuntu6.4"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-dkms"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-dkms-lts-trusty"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-toolbox"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-toolbox-lts-trusty"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools-desktop"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools-dkms"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools-lts-trusty"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools-lts-trusty-desktop"},{"binary_version":"2:9.4.0-1280544-5ubuntu6.4+esm1","binary_name":"open-vm-tools-lts-trusty-dkms"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-4199.json"}}],"schema_version":"1.7.5","severity":[{"type":"Ubuntu","score":"low"}]}