PT-2017-2753 · Vmware · Vmware Horizon View+1

Published

2017-04-18

Updated

2017-07-11

CVE-2017-4907

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware Unified Access Gateway versions 2.5.x through 2.8.0 VMware Horizon View versions 6.x through 6.2.3 VMware Horizon View versions 7.x through 7.0.x

Description The issue is caused by a heap buffer-overflow, which may allow a remote attacker to execute code on the security gateway. This can potentially enable an attacker to run arbitrary code on the device.

Recommendations For VMware Unified Access Gateway versions 2.5.x through 2.8.0, update to version 2.8.1 or later. For VMware Horizon View versions 6.x through 6.2.3, update to version 6.2.4 or later. For VMware Horizon View versions 7.x through 7.0.x, update to version 7.1.0 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2017-02002

CVE-2017-4907

Affected Products

Vmware Horizon View

Vmware Unified Access Gateway

PT-2017-2753 · Vmware · Vmware Horizon View+1

CVE-2017-4907

Weakness Enumeration

Related Identifiers

Affected Products

References · 6