Remote Denial of Service Vulnerability in VMware Authorization Service
CVE-2009-3707

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
16 October 2009

Summary

The VMware Authorization Service contains a vulnerability that could allow remote attackers to trigger a denial of service by sending specially crafted USER and PASS commands. This flaw relates to a format string issue that can cause the underlying process to crash, impacting the availability of the affected VMware products. Versions prior to VMware Workstation 7.0.1, VMware Player 3.0.1, VMware ACE 2.6.1, and VMware Server 2.x are particularly susceptible to this attack.

References

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.