Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2020-3989 CVE-2020-3990 CVE-2020-3988 CVE-2020-3987 CVE-2020-3986 |
CWE-ID | CWE-119 CWE-190 CWE-125 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
VMware Horizon Client Client/Desktop applications / Software for system administration VMware Workstation Client/Desktop applications / Virtualization software |
Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU46758
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3989
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in Cortado ThinPrint component. A remote authenticated attacker can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Horizon Client: 5.0.0 - 5.4.3
VMware Workstation: 15.0.0 - 15.5.6
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-1177/
http://www.vmware.com/security/advisories/VMSA-2020-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46757
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3990
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to integer overflow in Cortado ThinPrint component. A remote authenticated attacker can pass specially crafted data to the application, trigger integer overflow and gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Horizon Client: 5.0.0 - 5.4.3
VMware Workstation: 15.0.0 - 15.5.6
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-1178/
http://www.vmware.com/security/advisories/VMSA-2020-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46756
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3988
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the Cortado ThinPrint component in JPEG2000 parser. A remote authenticated attacker can use a specially crafted EMF file, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Horizon Client: 5.0.0 - 5.4.3
VMware Workstation: 15.0.0 - 15.5.6
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-1181/
http://www.vmware.com/security/advisories/VMSA-2020-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46755
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3987
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the Cortado ThinPrint component in EMR STRETCHDIBITS parser. A remote authenticated attacker can use a specially crafted EMF file, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Horizon Client: 5.0.0 - 5.4.3
VMware Workstation: 15.0.0 - 15.5.6
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-1180/
http://www.vmware.com/security/advisories/VMSA-2020-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU46754
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3986
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the Cortado ThinPrint component in EMF parser. A remote authenticated attacker can use a specially crafted EMF file, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Horizon Client: 5.0.0 - 5.4.3
VMware Workstation: 15.0.0 - 15.5.6
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-1179/
http://www.vmware.com/security/advisories/VMSA-2020-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.