PT-2006-7020 · Vmware · Vmware+1
C0Ntex
·
Published
2006-12-10
·
Updated
2018-10-17
·
CVE-2006-6410
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
VMWare version 5.5.1
Description
A buffer overflow issue exists in an ActiveX control, allowing local users to execute arbitrary code. This is achieved by passing a long
VmdbDb parameter to the Initialize function.Recommendations
For VMWare version 5.5.1, consider restricting access to the vulnerable ActiveX control until a patch is available. As a temporary workaround, avoid using the
VmdbDb parameter in the Initialize function to minimize the risk of exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vmware
Vmware Workstation