PT-2009-2879 · Vmware · Vmware Player+4
Publicado
2009-09-08
·
Atualizado
2018-10-11
·
CVE-2009-0199
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Movie Decoder versions prior to 6.5.3 build 185404
VMware Workstation versions prior to 6.5.3 build 185404
VMware Player versions prior to 2.5.3 build 185404
VMware ACE versions prior to 2.5.3 build 185404
Description
The issue is related to a heap-based buffer overflow in the VMnc media codec. This could potentially allow remote attackers to execute arbitrary code via a video file with crafted dimensions, also referred to as framebuffer parameters.
Recommendations
For VMware Movie Decoder versions prior to 6.5.3 build 185404, update to version 6.5.3 build 185404 or later.
For VMware Workstation versions prior to 6.5.3 build 185404, update to version 6.5.3 build 185404 or later.
For VMware Player versions prior to 2.5.3 build 185404, update to version 2.5.3 build 185404 or later.
For VMware ACE versions prior to 2.5.3 build 185404, update to version 2.5.3 build 185404 or later.
Correção
RCE
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmnc Media Codec
Vmware Ace
Vmware Movie Decoder
Vmware Player
Vmware Workstation