CVE-2005-4459

critical VMware
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
63.4%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: December 21, 2005 (7448 days ago)
Last Modified: April 16, 2026
Vendor: VMware
Source: NVD

Description

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

CWE

CWE-119

Affected Products

vmware acevmware gsx servervmware playervmware workstation

References

🔗 lists.grok.org.uk 🔗 secunia.com 🔗 secunia.com 🔗 securityreason.com 🔗 securityreason.com