Heap Memory Corruption in VMware Movie Decoder and Workstation
CVE-2009-2628

Currently unrated

Key Information:

Vendor

Vmware
Status
Ace
Player
Workstation
Movie Decoder
Vendor
CVE Published:
8 September 2009

What is CVE-2009-2628?

The VMware Movie Decoder's handling of small heights in video content within AVI files can be exploited by remote attackers. This exploitation can lead to arbitrary code execution through heap memory corruption when users process specially crafted video files.

References

http://lists.vmware.com/pipermail/security-announce/2009/...
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/36290
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/506286/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.