CVE-2017-4918

Name of the Vulnerable Software and Affected Versions VMware Horizon View Client versions 2.x through 4.x prior to 4.5.0

Description The issue is related to a lack of input sanitization in the script that starts services for the VMware Horizon View Client virtualization system. This could allow an unprivileged, remote attacker to escalate their privileges to a superuser. The vulnerability may be exploited to gain root access on Mac OSX systems where the client is installed.

Recommendations For versions 2.x through 4.x prior to 4.5.0, update to version 4.5.0 or later to resolve the issue.