VMware Workstation and Horizon View Client CVE-2017-4910 Remote Code Execution Vulnerability

VMware Workstation and Horizon View Client are prone to a remote code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

The following products are vulnerable:

VMware Horizon View Client 7.x versions prior to 7.1.0
VMware Horizon View Client 6.2.x versions prior to 6.2.4
VMware Workstation 12.x versions prior to 12.5.3


Bugtraq ID: 97913
Class: Boundary Condition Error
CVE: CVE-2017-4910

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: Apr 18 2017 12:00AM
Credit: Ke Liu of Tencent's Xuanwu Lab and Giwan Go of STEALIEN working with ZDI
Vulnerable: VMWare Workstation 12.0
VMWare Horizon View Client 6.2
VMWare Horizon View Client 7.0

Not Vulnerable: VMWare Workstation 12.5.3
VMWare Horizon View Client 7.1
VMWare Horizon View Client 6.2.4

Related Posts