10

CVE-2009-3732

Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareAce Version >= 2.5.0 < 2.5.4
   MicrosoftWindows Version-
VMwareAce Version2.6
   MicrosoftWindows Version-
VMwarePlayer Version >= 2.5.0 < 2.5.4
   MicrosoftWindows Version-
VMwarePlayer Version3.0
   MicrosoftWindows Version-
VMwareServer Version >= 2.0.0 <= 2.0.2
   MicrosoftWindows Version-
VMwareWorkstation Version >= 6.5.0 < 6.5.4
   MicrosoftWindows Version-
VMwareWorkstation Version7.0
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 30.07% 0.965
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.