Lucene search

VmwareCVE-2017-4912

HistoryJun 08, 2017 - 1:29 p.m.

CVE-2017-4912

2017-06-0813:29:00

CWE-125

vmware

web.nvd.nist.gov

cve-2017-4912

vmware

workstation

horizon view client

truetype font

ttf parser

out-of-bounds read

vulnerability

code execution

dos

nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.

Affected configurations

Nvd

Node

vmwarehorizon_viewMatch4.0

vmwarehorizon_viewMatch4.1

vmwarehorizon_viewMatch4.2

vmwarehorizon_viewMatch4.3

vmwareworkstationMatch12.0

vmwareworkstationMatch12.0.1

vmwareworkstationMatch12.1

vmwareworkstationMatch12.1.1

vmwareworkstationMatch12.5

vmwareworkstationMatch12.5.1

vmwareworkstationMatch12.5.2

VendorProductVersionCPE
vmwarehorizon_view4.0cpe:2.3:a:vmware:horizon_view:4.0:*:*:*:*:*:*:*
vmwarehorizon_view4.1cpe:2.3:a:vmware:horizon_view:4.1:*:*:*:*:*:*:*
vmwarehorizon_view4.2cpe:2.3:a:vmware:horizon_view:4.2:*:*:*:*:*:*:*
vmwarehorizon_view4.3cpe:2.3:a:vmware:horizon_view:4.3:*:*:*:*:*:*:*
vmwareworkstation12.0cpe:2.3:a:vmware:workstation:12.0:*:*:*:*:*:*:*
vmwareworkstation12.0.1cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
vmwareworkstation12.1cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*
vmwareworkstation12.1.1cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
vmwareworkstation12.5cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*
vmwareworkstation12.5.1cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	horizon_view	4.0	cpe:2.3:a:vmware:horizon_view:4.0:::::::*
vmware	horizon_view	4.1	cpe:2.3:a:vmware:horizon_view:4.1:::::::*
vmware	horizon_view	4.2	cpe:2.3:a:vmware:horizon_view:4.2:::::::*
vmware	horizon_view	4.3	cpe:2.3:a:vmware:horizon_view:4.3:::::::*
vmware	workstation	12.0	cpe:2.3:a:vmware:workstation:12.0:::::::*
vmware	workstation	12.0.1	cpe:2.3:a:vmware:workstation:12.0.1:::::::*
vmware	workstation	12.1	cpe:2.3:a:vmware:workstation:12.1:::::::*
vmware	workstation	12.1.1	cpe:2.3:a:vmware:workstation:12.1.1:::::::*
vmware	workstation	12.5	cpe:2.3:a:vmware:workstation:12.5:::::::*
vmware	workstation	12.5.1	cpe:2.3:a:vmware:workstation:12.5.1:::::::*

Rows per page:

1-10 of 111

CNA Affected

[
  {
    "product": "Workstation",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "12.x prior to 12.5.3"
      }
    ]
  },
  {
    "product": "Horizon View Client for Windows",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "4.x prior to 4.4.0"
      }
    ]
  }
]

References

www.securityfocus.com/bid/97921

www.securitytracker.com/id/1038280

www.securitytracker.com/id/1038281

www.vmware.com/security/advisories/VMSA-2017-0008.html

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Related for CVE-2017-4912