Unrated severityNVD Advisory· Published Sep 8, 2009· Updated Jun 16, 2026
CVE-2009-2628
CVE-2009-2628
Description
The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*
- (no CPE)range: < 6.5.3 build 185404
cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
- (no CPE)range: >= 6.5.0, < 6.5.3 build 185404
Patches
Vulnerability mechanics
References
7- lists.vmware.com/pipermail/security-announce/2009/000065.htmlnvdPatch
- www.securityfocus.com/bid/36290nvdPatch
- www.vmware.com/security/advisories/VMSA-2009-0012.htmlnvdPatchVendor Advisory
- secunia.com/advisories/34938nvdVendor Advisory
- www.vupen.com/english/advisories/2009/2553nvdVendor Advisory
- www.kb.cert.org/vuls/id/444513nvdUS Government Resource
- www.securityfocus.com/archive/1/506286/100/0/threadednvd
News mentions
0No linked articles in our index yet.