Secunia Research has discovered a vulnerability in various VMWare products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the VMnc codec (vmnc.dll) and can be exploited to cause a heap-based buffer overflow via a specially crafted video file with mismatched dimensions. Successful exploitation may allow execution of arbitrary code.
98e5779cd33d22ed50f6e62e505b39329741b8a8e9298122fffb91d95633ff4e
VMware Security Advisory - Several security issues are resolved with the latest VMnc codec. Affected are VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE.
dd5696c1d34d1408df31d1ca016b4f3885fb1dbc2e002879fa1d594acc1f3087