Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6410Improper Restriction of Operations within the Bounds of a Memory Buffer in Vmware Workstation

4 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.2%
top 56.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Vmware Workstation
Timeline
PublishedDec 10
Latest updateMay 1

Description

Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p7m7-3xr3-3w7g: Buffer overflow in an ActiveX control in VMWare 52022-05-01
CVEList
CVE-2006-6410: Buffer overflow in an ActiveX control in VMWare 52006-12-10

💥Exploits & PoCs

1
Exploit-DB
VMware 5.5.1 - 'ActiveX' Local Buffer Overflow2006-08-27
CVE-2006-6410 — Vmware Workstation vulnerability | cvebase