Intrusion Prevention

VMware.Vielib.ActiveX.Control.Remote.Code.Execution

Description

Several VMware products contain multiple remote code execution vulnerabilities in the 'vielib.dll' ActiveX control. The vulnerabilities exist because the control's CreateProcess() and CreateProcessEx() functions do not validate their arguments. An attacker can exploit them via specially crafted HTML to execute arbitrary code on a victim's computer with the privileges of the target user.

Affected Products

VMware Workstation 6.0
VMware Workstation 5.5.4
VMware Server 1.0.3
VMware Player 2.0
VMware Player 1.0.4
VMware ACE 2.0
VMware ACE 1.0.3

Impact

System compromise: arbitrary code execution.

Recommended Actions

VMware Workstation 6.0.0: upgrade to version 6.0.1
VMware Workstation 5.5.4: upgrade to version 5.5.5
VMware Player 2.0.0: upgrade to version 2.0.1
VMware Player 1.0.4: upgrade to version 1.0.5
VMware Server 1.0.3: upgrade to version 1.0.4
VMware ACE 2.0.0: upgrade to version 2.0.1
VMware ACE 1.0.3: upgrade to version 1.0.4

CVE References

CVE-2007-4155