VMware VIX API Multiple Unspecified Buffer Overflow Vulnerabilities

VMware VIX API is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers.

Successfully exploiting these issues will allow attackers on guest systems to execute arbitrary code on the host computer or the service console of an ESX server. Failed exploit attempts will likely crash the application.

VMware VIX API 1.1.4 and prior versions are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus