VMware Remote Console Plug-in can be installed from WEB interface of VMware vSphere. This software contains of ActiveX objects and executable files for remote console of guest OS. VMrc vulnerable to format string attacks. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88321/DSECRG-09-053.txt
Source: https://packetstormsecurity.com/files/88321/VMware-Remote-Console-Format-String.html