a. UDF file system import remote code execution A buffer overflow vulnerability is present in the way UDF file systems are handled. This issue could allow for code execution if a user installs from a malicious ISO image that was specially crafted by an attacker. VMware would like to thank an anonymous contributor working with the SecuriTeam Secure Disclosure program for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-3868 to the issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.