VUPEN Vulnerability Research Team discovered a vulnerability in VMware products. The flaw is caused by a heap overflow error in the VMnc media codec when processing malformed AVI files, which could be exploited by attackers to potentially execute arbitrary code by tricking a user into opening a malicious movie file.
2e72f86909afe0ec5a35355727f65dd08935da73341f14fd695e4cc7bc581331
Secunia Research has discovered a vulnerability in multiple VMWare products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in vmnc.dll when processing HexTile encoded video chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code by tricking a user into opening a specially crafted AVI file.
51f3c7fde9ec1243f3e24e712b834af517fb1633907eceaade5df15ac236b860
VMware Security Advisory - VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.
e16687d5cfca70a16709fd562f838d84c272a3a7b70eda5f2039b595265b5db8