Medium severity5.5NVD Advisory· Published Jul 13, 2006· Updated Apr 16, 2026

CVE-2006-3547

Description

EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed

Affected products

VMware/Player
cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osvdb.org/27524nvd
www.securityfocus.com/archive/1/437756/100/200/threadednvd
www.securityfocus.com/archive/1/437806/100/200/threadednvd
www.securityfocus.com/archive/1/437809/100/200/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000