Nessus Name: VMware Horizon View 6.x < 6.2.4 / 7.x < 7.1.0 Unspecified Buffer Overflow RCE (VMSA-2017-0008)Īctive APT Groups: 🔍 Countermeasures info Recommended: Upgrade The vulnerability is also documented in the vulnerability database at Tenable ( 99708). A possible mitigation has been published before and not just after the disclosure of the vulnerability. The commercial vulnerability scanner Qualys is able to test this issue with plugin 370414 (VMware Horizon View Multiple Vulnerabilities.(VMSA-2017-0008)). It is assigned to the family Windows and running in the context local. The vulnerability scanner Nessus provides a plugin with the ID 99708 (VMware Horizon View 6.x < 6.2.4 / 7.x < 7.1.0 Unspecified Buffer Overflow RCE (VMSA-2017-0008)), which helps to determine the existence of the flaw in a target environment. There are neither technical details nor an exploit publicly available. No form of authentication is required for a successful exploitation. This vulnerability was named CVE-2017-4907 since.
The weakness was presented by Claudio Moletta (Website). As an impact it is known to affect confidentiality, integrity, and availability. The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. The CWE definition for the vulnerability is CWE-119. The manipulation with an unknown input leads to a memory corruption vulnerability. This vulnerability affects an unknown function.
A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability classified as critical was found in VMware Unified Access Gateway and Horizon View ( the affected version is unknown). The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.
0 kommentar(er)
