CVE-2009-1565: Buffer Overflow
First published: Mon Apr 12 2010(Updated: )
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors."
Credit: PSIRT-CNA@flexerasoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation and ESXi | =6.5.1 | |
| VMware Workstation and ESXi | =6.5.0 | |
| VMware Workstation and ESXi | =6.5.2 | |
| VMware Workstation and ESXi | =6.5.3 | |
| VMware Player | =2.5.1 | |
| VMware Player | =2.5.2 | |
| VMware Player | =2.5 | |
| VMware Player | =2.5.3 | |
| VMware Movie Decoder | =6.5.3 | |
| Microsoft Windows Operating System | ||
| VMware Server | =2.0.0 | |
| VMware Server | =2.0.1 | |
| VMware Server | =2.0.2 | |
| All of | ||
| VMware Movie Decoder | =6.5.3 | |
| Microsoft Windows Operating System | ||
| All of | ||
| Any of | ||
| VMware Server | =2.0.0 | |
| VMware Server | =2.0.1 | |
| VMware Server | =2.0.2 | |
| Microsoft Windows Operating System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/secunia_research/2009-37/
- http://secunia.com/advisories/39206
- http://secunia.com/advisories/36712
- http://lists.vmware.com/pipermail/security-announce/2010/000090.html
- http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
- http://secunia.com/advisories/39215
- http://www.vmware.com/security/advisories/VMSA-2010-0007.html
- http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
- http://www.osvdb.org/63615
- http://www.securityfocus.com/bid/39364
- http://www.securitytracker.com/id?1023838
Frequently Asked Questions
What is the severity of CVE-2009-1565?
CVE-2009-1565 is classified as a high-severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2009-1565?
To remediate CVE-2009-1565, upgrade to VMware Workstation 6.5.4 Build 246459, VMware Player 2.5.4 Build 246459, or apply the appropriate patches.
Which VMware products are affected by CVE-2009-1565?
CVE-2009-1565 affects VMware Workstation 6.5.0 to 6.5.3, VMware Player 2.5.0 to 2.5.3, and VMware Movie Decoder before version 6.5.4 Build 246459.
Can CVE-2009-1565 be exploited remotely?
Yes, CVE-2009-1565 can be exploited remotely, allowing attackers to execute arbitrary code on affected systems.
What is the impact of CVE-2009-1565 on system security?
The impact of CVE-2009-1565 on system security is significant as it allows attackers to gain control over vulnerable systems.
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/event
- agent/tags
- vendor/vmware
- canonical/vmware workstation and esxi
- version/vmware workstation and esxi/6.5.1
- version/vmware workstation and esxi/6.5.0
- version/vmware workstation and esxi/6.5.2
- version/vmware workstation and esxi/6.5.3
- canonical/vmware player
- version/vmware player/2.5.1
- version/vmware player/2.5.2
- version/vmware player/2.5
- version/vmware player/2.5.3
- canonical/vmware movie decoder
- version/vmware movie decoder/6.5.3
- vendor/microsoft
- canonical/microsoft windows operating system
- canonical/vmware server
- version/vmware server/2.0.0
- version/vmware server/2.0.1
- version/vmware server/2.0.2