Unrated severityNVD Advisory· Published Nov 14, 2012· Updated Apr 29, 2026
CVE-2012-3569
CVE-2012-3569
Description
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.
Affected products
14cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.vmware.com/security/advisories/VMSA-2012-0015.htmlnvdPatchVendor Advisory
- osvdb.org/87117nvd
- packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.htmlnvd
- secunia.com/advisories/51240nvd
- technet.microsoft.com/en-us/security/msvr/msvr13-002nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/79922nvd
News mentions
0No linked articles in our index yet.