Heap-based Buffer Overflow in VMware Movie Decoder and Workstation
CVE-2009-0199

Currently unrated

Key Information:

Vendor
Vmware
Status
Ace
Player
Workstation
Movie Decoder
Vendor
CVE Published:
8 September 2009

Summary

A heap-based buffer overflow flaw exists in the VMnc media codec, specifically within vmnc.dll in multiple VMware products prior to specified versions. This vulnerability could potentially allow attackers to execute arbitrary code on an affected system by tricking users into opening specially crafted video files with manipulated dimensions or framebuffer parameters. As a result, it poses significant risks for systems running impacted VMware software.

References

http://lists.vmware.com/pipermail/security-announce/2009/...
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/36290
vdb-entryx_refsource_BID
http://secunia.com/secunia_research/2009-25/
x_refsource_MISC

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.