CVE-2017-4948

CWE-125Out-of-bounds ReadCWE-200Information Exposure3 documents3 sources
Severity
7.1HIGH
EPSS
0.0%
top 87.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Vmware Horizon ViewVmware Horizon Client FOR WindowsVmware Workstation
Timeline
PublishedJan 5
Latest updateMay 14

Description

VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of S

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

NVDvmware/horizon_view4.04.7
CVEListV5vmware/horizon_client_for_windows4.x before 4.7.0
CVEListV5vmware/workstation12.x, 14.x before 14.1.0+1
NVDvmware/workstation16 versions+15

Patches

Patch: www.vmware.comPatch: www.vmware.com

🔴Vulnerability Details

2
GHSA
GHSA-2436-v72x-5q8x: VMware Workstation (142022-05-14
CVEList
CVE-2017-4948: VMware Workstation (142018-01-05
CVE-2017-4948 (HIGH CVSS 7.1) | VMware Workstation (14.x before 14. | cvebase.io