Heap-based Buffer Overflow in VMware Products
CVE-2005-4459

Currently unrated

Key Information:

Vendor

Vmware
Status
Gsx Server
Ace
Workstation
Player
Vendor
CVE Published:
21 December 2005

What is CVE-2005-4459?

A heap-based buffer overflow exists in the NAT networking components of VMware products, including VMware Workstation, GSX Server, ACE, and Player. This vulnerability allows remote authenticated attackers, including guests on the virtual machines, to execute arbitrary code. Exploitation occurs through specially crafted EPRT and PORT FTP commands, leading to potential unauthorized access and control of affected systems.

References

http://secunia.com/advisories/18344
third-party-advisoryx_refsource_SECUNIA
http://securityreason.com/securityalert/282
third-party-advisoryx_refsource_SREASON
http://www.vupen.com/english/advisories/2005/3013
vdb-entryx_refsource_VUPEN

EPSS Score

63% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2005-4459 : Heap-based Buffer Overflow in VMware Products