Vulnerability identifier: #VU46757
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
Vendor: VMware, Inc
The vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to integer overflow in Cortado ThinPrint component. A remote authenticated attacker can pass specially crafted data to the application, trigger integer overflow and gain access to sensitive information on the target system.
Install updates from vendor's website.
Vulnerable software versions
VMware Horizon Client: 5.0.0, 5.1.0, 5.2.0, 5.3, 5.4, 5.4.1, 5.4.2, 5.4.3
VMware Workstation: 15.0.0, 15.0.1, 15.0.2, 15.0.3, 15.0.4, 15.1.0, 15.5.0, 15.5.1, 15.5.2, 15.5.5, 15.5.6
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.