Multiple VMWare products running on Windows platforms with Shared Folders are vulnerable to a directory traversal attack. If an attacker can has access to a guest operating system they can exploit the vulnerability to gain write access to the underlying hosting system. This obviously opens the door for a multitude of attacks.
Until a patch is released users on Windows are advised to disable any Shared Folders that they may have configured.
The original advisory is at:http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034