CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors.)
CVE-2012-5050 (Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
CVE-2012-4897 (Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.)