Unrated severityNVD Advisory· Published Apr 12, 2010· Updated Apr 29, 2026

CVE-2009-3732

Description

Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.

Affected products

VMware/Ace2 versions
cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*range: >=2.5.0,<2.5.4
- cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*
VMware/Player2 versions
cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*range: >=2.5.0,<2.5.4
- cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*
VMware/Server
cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*
Range: >=2.0.0,<=2.0.2
VMware/Workstation2 versions
cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*range: >=6.5.0,<6.5.4
- cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.vmware.com/pipermail/security-announce/2010/000090.htmlnvdMailing ListPatchVendor Advisory
www.vmware.com/security/advisories/VMSA-2010-0007.htmlnvdPatchVendor Advisory
security.gentoo.org/glsa/glsa-201209-25.xmlnvdThird Party Advisory
archives.neohapsis.com/archives/bugtraq/2010-04/0077.htmlnvdBroken Link
archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.htmlnvdBroken Link
secunia.com/advisories/39110nvdNot Applicable

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.024
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000