CVE-2017-4908
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2017-4908. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.
Available Exploits
Related News
Affected Products
Affected Versions:
Affected Versions:
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022