Vulnerability Description
Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Workstation | 5.5.1 |
References
- http://securityreason.com/securityalert/2008
- http://www.open-security.org/advisories/17Vendor Advisory
- http://www.securityfocus.com/archive/1/452746/100/100/threaded
- http://www.securityfocus.com/archive/1/452775/100/100/threaded
- http://www.securityfocus.com/bid/19732
- https://www.exploit-db.com/exploits/2264
- http://securityreason.com/securityalert/2008
- http://www.open-security.org/advisories/17Vendor Advisory
- http://www.securityfocus.com/archive/1/452746/100/100/threaded
- http://www.securityfocus.com/archive/1/452775/100/100/threaded
- http://www.securityfocus.com/bid/19732
- https://www.exploit-db.com/exploits/2264
FAQ
What is CVE-2006-6410?
CVE-2006-6410 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in an ActiveX control in VMWare 5.5.1 allows local users to execute arbitrary code via a long VmdbDb parameter to the Initialize function.
How severe is CVE-2006-6410?
CVE-2006-6410 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6410?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation.