> VMware's scripting API allows a malicious script on the host machine to
> execute programs, open URLs, and perform other privileged operations on any
> guest operating system open at the console, without requiring any
> credentials on the guest operating system. Furthermore, the script can
> execu...
> execute programs, open URLs, and perform other privileged operations on any
> guest operating system open at the console, without requiring any
> credentials on the guest operating system. Furthermore, the script can
> execu...
[ more ]