CVE-2005-4459
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, a
CVSS
10.0
No CVSS
EPSS
14.1%
p96
KEV
—
Exploit Today
29
0-100
Published: Dec 21, 2005 · Last modified: Jul 7, 2026 · CWE-119
13.7%EPSS · 30 days14.1%
2026-06-302026-07-16
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
- lists.grok.org.ukhttp://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html
- secunia.comhttp://secunia.com/advisories/18162
- secunia.comhttp://secunia.com/advisories/18344
- securityreason.comhttp://securityreason.com/securityalert/282
- securityreason.comhttp://securityreason.com/securityalert/289
- securitytracker.comhttp://securitytracker.com/id?1015401
- www.gentoo.orghttp://www.gentoo.org/security/en/glsa/glsa-200601-04.xml
- www.kb.cert.orghttp://www.kb.cert.org/vuls/id/856689
- www.securityfocus.comhttp://www.securityfocus.com/archive/1/419997/100/0/threaded
- www.securityfocus.comhttp://www.securityfocus.com/archive/1/420017/100/0/threaded
- www.securityfocus.comhttp://www.securityfocus.com/bid/15998
- www.vmware.comhttp://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000
- www.vupen.comhttp://www.vupen.com/english/advisories/2005/3013
- lists.grok.org.ukhttp://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html
- secunia.comhttp://secunia.com/advisories/18162
- secunia.comhttp://secunia.com/advisories/18344
- securityreason.comhttp://securityreason.com/securityalert/282
- securityreason.comhttp://securityreason.com/securityalert/289
- securitytracker.comhttp://securitytracker.com/id?1015401
- www.gentoo.orghttp://www.gentoo.org/security/en/glsa/glsa-200601-04.xml
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-312778.8 HIG71.0%
KEV—71Apple Multiple Products Buffer Overflow Vulnerability2dCVE-2011-40454.3 NO 88.5%
——27Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.7dCVE-2025-434338.8 HIG62.4%
——19The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption.2dCVE-2025-432146.5 MED57.6%
——17The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.2dCVE-2025-434414.3 MED55.9%
——17The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.2dCVE-2026-156968.8 HIG52.3%
——16A vulnerability has been found in Tenda BE12 Pro 16.03.66.23. The impacted element is the function fromVirtualSer of the file /goform/VirtualSer. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.2d