fkie_nvd - fkie_cve-2017-4936

fkie_cve-2017-4936

Vulnerability from fkie_nvd

Published

2017-11-17 14:29

Modified

2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.

References

URL	Tags
security@vmware.com	http://www.securityfocus.com/bid/101892	Third Party Advisory, VDB Entry
security@vmware.com	http://www.securitytracker.com/id/1039835	Third Party Advisory, VDB Entry
security@vmware.com	http://www.securitytracker.com/id/1039836	Third Party Advisory, VDB Entry
security@vmware.com	https://www.vmware.com/security/advisories/VMSA-2017-0018.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101892	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039835	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039836	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.vmware.com/security/advisories/VMSA-2017-0018.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
vmware	workstation	12.0.0
vmware	workstation	12.0.1
vmware	workstation	12.1
vmware	workstation	12.1.1
vmware	workstation	12.5
vmware	workstation	12.5.1
vmware	workstation	12.5.2
vmware	workstation	12.5.3
vmware	workstation	12.5.4
vmware	workstation	12.5.5
vmware	workstation	12.5.6
vmware	workstation	12.5.7
vmware	horizon_view	4.0.0
vmware	horizon_view	4.0.1
vmware	horizon_view	4.1
vmware	horizon_view	4.2
vmware	horizon_view	4.3
vmware	horizon_view	4.4
vmware	horizon_view	4.5
vmware	horizon_view	4.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4C2CB0-9A2B-46B2-9E75-2BADAE722BB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D38FB28D-8A42-4877-92AF-39EE04B14DB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "180E48AF-AD42-4A00-948A-9C1D70BE53F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C64A90-90A2-450A-8A79-AB69B5A939DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE6B9B4F-53C5-4B47-89C4-AD221DC91D44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E293B67-98C3-4D8E-883C-2F2F774AE6F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB307F39-3A90-4B62-B2BF-0E0CEBBBBC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "838C7C08-15ED-4379-8A5B-9419D13AE7FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C064187-0870-4672-9D64-92D643FA9C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "60F08698-0194-4892-9A46-93C53C0C660B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "287275D4-E311-4A1B-BC5C-2FB3A64691E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED552760-4DB1-4E56-B6C1-23E053858055",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.0.0:*:*:*:*:windows:*:*",
              "matchCriteriaId": "FACC8634-05E5-44D6-8020-5148E66C2434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.0.1:*:*:*:*:windows:*:*",
              "matchCriteriaId": "D67A6B2F-D6BD-41C9-81DF-B28AEACB4435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.1:*:*:*:*:windows:*:*",
              "matchCriteriaId": "291360AF-C8C5-4E99-9FAE-E3BFFD50C18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.2:*:*:*:*:windows:*:*",
              "matchCriteriaId": "A6FB33DA-7A42-4383-9061-228C24AACF31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.3:*:*:*:*:windows:*:*",
              "matchCriteriaId": "524D0D00-7E4D-4400-870C-033180282C80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.4:*:*:*:*:windows:*:*",
              "matchCriteriaId": "075928E9-A640-4612-800E-2D24ADA1F541",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.5:*:*:*:*:windows:*:*",
              "matchCriteriaId": "6EF0E241-64D2-439C-8B34-42A8FC1A218E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:horizon_view:4.6:*:*:*:*:windows:*:*",
              "matchCriteriaId": "C06AE4BF-C2A0-477B-A88D-5E9EA482F775",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client."
    },
    {
      "lang": "es",
      "value": "VMware Workstation (en versiones 12.x anteriores a la 12.5.8) y Horizon View Client para Windows (en versiones 4.x anteriores a la 4.6.1) contienen una vulnerabilidad de lectura fuera de l\u00edmites en el analizador JPEG2000 en TPView.dll. En Workstation, esto puede permitir que un invitado ejecute c\u00f3digo o provoque una denegaci\u00f3n de servicio en el sistema operativo Windows que ejecuta Workstation. En el caso de Horizon View Client, esto puede permitir que una opci\u00f3n \"Ver escritorio\" ejecute c\u00f3digo o provoque una denegaci\u00f3n de servicio en el sistema operativo que ejecuta Horizon View Client."
    }
  ],
  "id": "CVE-2017-4936",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-11-17T14:29:00.623",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101892"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039835"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039836"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2017-0018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101892"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.vmware.com/security/advisories/VMSA-2017-0018.html"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2017-4936 (GCVE-0-2017-4936)

Vulnerability from cvelistv5

Published

2017-11-17 14:00

Modified

2024-09-17 00:26

Severity ?

CWE

Out-of-bounds read vulnerability

Summary

References

URL

Tags

	https://www.vmware.com/security/advisories/VMSA-2017-0018.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039836	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/101892	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1039835	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

VMware

Workstation

Version: 12.x before 12.5.8

VMware

Horizon View Client for Windows

Version: 4.x before 4.6.1

Show details on NVD website