VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4278)