Format String Vulnerability in VMware Remote Console Affects VMware
CVE-2009-3732

Currently unrated

Key Information:

Vendor: Vmware
Status: Ace; Player; Server; Workstation
Vendor: CVE Published:; 12 April 2010

Summary

A format string vulnerability exists in VMware Remote Console (vmware-vmrc.exe) build 158248. This flaw allows remote attackers to exploit the vulnerability through unspecified vectors, potentially leading to arbitrary code execution on the affected system. Users are advised to apply the necessary patches from VMware to mitigate this risk.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://lists.vmware.com/pipermail/security-announce/2010/...

mailing-listx_refsource_MLIST

http://archives.neohapsis.com/archives/bugtraq/2010-04/00...

mailing-listx_refsource_BUGTRAQ

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 12, 2010
Vulnerability Reserved
Oct 20, 2009