Format String Vulnerability in VMware OVF Tool and VMware Products
CVE-2012-3569

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
14 November 2012

Summary

A format string vulnerability exists in VMware OVF Tool 2.1 on Windows, affecting users of VMware Workstation and VMware Player prior to specified versions. This weakness allows remote attackers to take advantage of crafted OVF files that may lead to the execution of arbitrary code if successfully manipulated by a user. It poses a significant risk, particularly in environments where user-assisted actions are performed without adequate security measures.

References

EPSS Score

80% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.