CVE-2009-0909

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 6.5.x before 6.5.2 build 156735 VMware Player versions 2.5.x before 2.5.2 build 156735 VMware ACE versions 2.5.x before 2.5.2 build 156735 VMware Server versions 2.0.x before 2.0.1 build 156745

Description A heap-based buffer overflow in the VNnc Codec allows remote attackers to execute arbitrary code via a crafted web page or video file.

Recommendations For VMware Workstation versions 6.5.x before 6.5.2 build 156735, update to version 6.5.2 build 156735 or later. For VMware Player versions 2.5.x before 2.5.2 build 156735, update to version 2.5.2 build 156735 or later. For VMware ACE versions 2.5.x before 2.5.2 build 156735, update to version 2.5.2 build 156735 or later. For VMware Server versions 2.0.x before 2.0.1 build 156745, update to version 2.0.1 build 156745 or later.