The host is installed with VMware vSphere Client 5.0 before Update 3 or 5.1 before Update 2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to trigger the downloading and execution of an arbitrary program.