VMware VMSA-2012-0004
Mar 15, 2012 - 12:00 a.m.

VMware View privilege escalation and cross-site scripting

2012-03-15 00:00:00
www.vmware.com

CVSS2: 7.2 High

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.003 Low
Percentile: 67.8%

a. VMware Virtual Desktop Display Driver Privilege Escalation

The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities, and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on View virtual desktops.

VMware would like to thank Tarjei Mandt for reporting these issues to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-1509 (XPDM buffer overrun), CVE-2012-1510 (WDDM buffer overrun) and CVE-2012-1508 (XPDM null pointer dereference) to these issues.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

CPE  Name  Operator  Version
view  lt  View 4.6.1
