Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Horizon View Client for Mac by VMware

    CVE-2017-4918 (GCVE-0-2017-4918)

    Vulnerability from nvd – Published: 2017-06-08 19:00 – Updated: 2024-08-05 14:47
    VLAI
    Summary
    VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
    Severity
    No CVSS data available.
    CWE
    • Command injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1038642 vdb-entryx_refsource_SECTRACK
    https://www.vmware.com/security/advisories/VMSA-2… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/98984 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    VMware Horizon View Client for Mac Affected: 2.x
    Affected: 3.x
    Affected: 4.x prior to 4.5.0
    Create a notification for this product.
    Date Public
    2017-06-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:47:43.194Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1038642",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038642"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
              },
              {
                "name": "98984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/98984"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Horizon View Client for Mac",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.x"
                },
                {
                  "status": "affected",
                  "version": "3.x"
                },
                {
                  "status": "affected",
                  "version": "4.x prior to 4.5.0"
                }
              ]
            }
          ],
          "datePublic": "2017-06-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "name": "1038642",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038642"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
            },
            {
              "name": "98984",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/98984"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "ID": "CVE-2017-4918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Horizon View Client for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.x"
                              },
                              {
                                "version_value": "3.x"
                              },
                              {
                                "version_value": "4.x prior to 4.5.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1038642",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038642"
                },
                {
                  "name": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
                },
                {
                  "name": "98984",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/98984"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4918",
        "datePublished": "2017-06-08T19:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:47:43.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-4918 (GCVE-0-2017-4918)

    Vulnerability from cvelistv5 – Published: 2017-06-08 19:00 – Updated: 2024-08-05 14:47
    VLAI
    Summary
    VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
    Severity
    No CVSS data available.
    CWE
    • Command injection vulnerability
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1038642 vdb-entryx_refsource_SECTRACK
    https://www.vmware.com/security/advisories/VMSA-2… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/98984 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    VMware Horizon View Client for Mac Affected: 2.x
    Affected: 3.x
    Affected: 4.x prior to 4.5.0
    Create a notification for this product.
    Date Public
    2017-06-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:47:43.194Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1038642",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038642"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
              },
              {
                "name": "98984",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/98984"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Horizon View Client for Mac",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.x"
                },
                {
                  "status": "affected",
                  "version": "3.x"
                },
                {
                  "status": "affected",
                  "version": "4.x prior to 4.5.0"
                }
              ]
            }
          ],
          "datePublic": "2017-06-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command injection vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "name": "1038642",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038642"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
            },
            {
              "name": "98984",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/98984"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "ID": "CVE-2017-4918",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Horizon View Client for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.x"
                              },
                              {
                                "version_value": "3.x"
                              },
                              {
                                "version_value": "4.x prior to 4.5.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command injection vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1038642",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038642"
                },
                {
                  "name": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
                },
                {
                  "name": "98984",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/98984"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4918",
        "datePublished": "2017-06-08T19:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:47:43.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }