VYPR
Unrated severityNVD Advisory· Published Sep 8, 2009· Updated Jun 16, 2026

CVE-2009-2628

CVE-2009-2628

Description

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • VMware/Ace3 versions
    cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*
    • (no CPE)range: < 6.5.3 build 185404
  • VMware/Player4 versions
    cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*
    • (no CPE)range: >= 2.5.0, < 2.5.3 build 185404
  • cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
    • (no CPE)range: >= 6.5.0, < 6.5.3 build 185404

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.