CVE-2014-1209

CVE Database · CVE-2014-1209

CVE-2014-1209

· N/AModified

CVSS v3.1

N/A

EPSS

3.74%

Published

Apr 11, 2014

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.

Weaknesses (CWE)

CWE-20

Affected Products (4)

vmware · vsphere_clientvulnerable

References (2)

http://www.vmware.com/security/advisories/VMSA-2014-0003.html

Vendor Advisory

http://www.vmware.com/security/advisories/VMSA-2014-0003.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs