Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Horizon Client for Windows by VMware

    CVE-2017-4948 (GCVE-0-2017-4948)

    Vulnerability from nvd – Published: 2018-01-05 14:00 – Updated: 2024-09-16 23:31
    VLAI
    Summary
    VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bounds read
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040109 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id/1040108 vdb-entryx_refsource_SECTRACK
    https://www.vmware.com/us/security/advisories/VMS… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102441 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040136 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    VMware Workstation Affected: 14.x before 14.1.0
    Affected: 12.x
    Create a notification for this product.
    VMware Horizon Client for Windows Affected: 4.x before 4.7.0
    Create a notification for this product.
    Date Public
    2018-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:47:43.770Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040109"
              },
              {
                "name": "1040108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040108"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
              },
              {
                "name": "102441",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102441"
              },
              {
                "name": "1040136",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040136"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Workstation",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.x before 14.1.0"
                },
                {
                  "status": "affected",
                  "version": "12.x"
                }
              ]
            },
            {
              "product": "Horizon Client for Windows",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.x before 4.7.0"
                }
              ]
            }
          ],
          "datePublic": "2018-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-13T10:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "name": "1040109",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040109"
            },
            {
              "name": "1040108",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040108"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
            },
            {
              "name": "102441",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102441"
            },
            {
              "name": "1040136",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040136"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "DATE_PUBLIC": "2018-01-04T00:00:00",
              "ID": "CVE-2017-4948",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "14.x before 14.1.0"
                              },
                              {
                                "version_value": "12.x"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Horizon Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.x before 4.7.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040109",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040109"
                },
                {
                  "name": "1040108",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040108"
                },
                {
                  "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
                },
                {
                  "name": "102441",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102441"
                },
                {
                  "name": "1040136",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040136"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4948",
        "datePublished": "2018-01-05T14:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:31:06.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-4948 (GCVE-0-2017-4948)

    Vulnerability from cvelistv5 – Published: 2018-01-05 14:00 – Updated: 2024-09-16 23:31
    VLAI
    Summary
    VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.
    Severity
    No CVSS data available.
    CWE
    • Out-of-bounds read
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1040109 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id/1040108 vdb-entryx_refsource_SECTRACK
    https://www.vmware.com/us/security/advisories/VMS… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/102441 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1040136 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    VMware Workstation Affected: 14.x before 14.1.0
    Affected: 12.x
    Create a notification for this product.
    VMware Horizon Client for Windows Affected: 4.x before 4.7.0
    Create a notification for this product.
    Date Public
    2018-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:47:43.770Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1040109",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040109"
              },
              {
                "name": "1040108",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040108"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
              },
              {
                "name": "102441",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/102441"
              },
              {
                "name": "1040136",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1040136"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Workstation",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.x before 14.1.0"
                },
                {
                  "status": "affected",
                  "version": "12.x"
                }
              ]
            },
            {
              "product": "Horizon Client for Windows",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.x before 4.7.0"
                }
              ]
            }
          ],
          "datePublic": "2018-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-01-13T10:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "name": "1040109",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040109"
            },
            {
              "name": "1040108",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040108"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
            },
            {
              "name": "102441",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/102441"
            },
            {
              "name": "1040136",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1040136"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "DATE_PUBLIC": "2018-01-04T00:00:00",
              "ID": "CVE-2017-4948",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "14.x before 14.1.0"
                              },
                              {
                                "version_value": "12.x"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Horizon Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.x before 4.7.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1040109",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040109"
                },
                {
                  "name": "1040108",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040108"
                },
                {
                  "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html"
                },
                {
                  "name": "102441",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/102441"
                },
                {
                  "name": "1040136",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1040136"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4948",
        "datePublished": "2018-01-05T14:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:31:06.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }