Use of Externally-Controlled Format String
CVE-2009-3732
Summary
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.
- LOW
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
References
Advisory Timeline
- Published