VUPEN Vulnerability Research Team discovered a vulnerability in VMware products. The flaw is caused by a heap overflow error in the VMnc media codec when processing malformed AVI files, which could be exploited by attackers to potentially execute arbitrary code by tricking a user into opening a malicious movie file.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88301/vmwaremd-overflow.txt
Source: https://packetstormsecurity.com/files/88301/VMware-Products-Movie-Decoder-Heap-Overflow.html