PT-2010-1620 · VMware · VMware Server+3

Published: 2010-04-27 · Updated: 2024-02-14 · CVE-2009-4811

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 7.0 through 7.0.0 build 227600
VMware Workstation version 6.5.x through 6.5.3 build 246459
VMware Player versions 3.0 through 3.0.0 build 227600
VMware Player version 2.5.x through 2.5.3 build 246459
VMware ACE versions 2.6 through 2.6.0 build 227600
VMware ACE version 2.5.x through 2.5.3 build 246459
VMware Server version 2.x

Description
The issue allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands.

Recommendations
For VMware Workstation versions 7.0 through 7.0.0 build 227600, update to version 7.0.1 build 227600 or later.
For VMware Workstation version 6.5.x through 6.5.3 build 246459, update to version 6.5.4 build 246459 or later.
For VMware Player versions 3.0 through 3.0.0 build 227600, update to version 3.0.1 build 227600 or later.
For VMware Player version 2.5.x through 2.5.3 build 246459, update to version 2.5.4 build 246459 or later.
For VMware ACE versions 2.6 through 2.6.0 build 227600, update to version 2.6.1 build 227600 or later.
For VMware ACE version 2.5.x through 2.5.3 build 246459, update to version 2.5.4 build 246459 or later.
For VMware Server version 2.x, update to a version that is not affected by this issue.

Exploit

Fix

DoS

Use of Externally-Controlled Format String

Weakness Enumeration

Related Identifiers

CVE-2009-4811

Affected Products

VMware ACE
VMware Player
VMware Server
VMware Workstation