Cortado · Cortado ThinPrint · CVE-2020-3988
Name of the Vulnerable Software and Affected Versions:
VMware Workstation versions 15.x
Horizon Client for Windows versions 5.x before 5.4.4
Description:
The issue is an out-of-bounds read in the JPEG2000 parser of the Cortado ThinPrint component. A malicious actor with normal access to a virtual machine can exploit it to cause a partial denial-of-service condition or to leak memory from the TPView process, which may give the attacker unauthorized access to protected information.
Recommendations:
For VMware Workstation version 15.x, update to a version that includes the fix for the Cortado ThinPrint component vulnerability.
For Horizon Client for Windows versions 5.x before 5.4.4, update to version 5.4.4 or later to resolve the issue.
As a temporary workaround, consider restricting access to the Cortado ThinPrint component until a patch is available.