Heap-based Buffer Overflow in VMware Workstation and Related Products
CVE-2009-0909

Currently unrated

Key Information:

Vendor: Vmware
Status: Ace; Player; Workstation; Server
Vendor: CVE Published:; 6 April 2009

Summary

A heap-based buffer overflow vulnerability exists in the encoding process of the VNnc Codec in various VMware products. This issue allows remote attackers to execute arbitrary code on affected systems by tricking users into opening crafted web pages or video files. Attackers can exploit this flaw to compromise the security of the system, making it crucial for users to apply the necessary patches provided by VMware to mitigate the risks associated with this vulnerability.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://seclists.org/fulldisclosure/2009/Apr/0036.html

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/34373

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 6, 2009
Vulnerability Reserved
Mar 14, 2009