CVE-2014-1209

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
vmwarevsphere_client
4.0
vmwarevsphere_client
4.1
vmwarevsphere_client
5.0
vmwarevsphere_client
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.vmware.com/security/advisories/VMSA-2014-0003.html
http://www.vmware.com/security/advisories/VMSA-2014-0003.html