CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6970 – VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-6970
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems. VMware Horizon 6 (6.x.x en versiones anteriores a la 6.2.7), Horizon 7 (7.x.x en versiones anteriores a la 7.5.1) y Horizon Client (4.x.x en versiones anteriores a la 4.8.1) contiene una vulnerabilidad de lectura fuera de límites en la librería Message Framework. Su explotación con éxito podría permitir que un usuario con menos privilegios filtre información desde un proceso privilegiado que se ejecuta en un sistema donde estén instalados Horizon Connection Server, Horizon Agent o Horizon Client. • http://www.securityfocus.com/bid/105031 http://www.securitytracker.com/id/1041430 https://www.vmware.com/security/advisories/VMSA-2018-0019.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 15EXPL: 0CVE-2017-4907
https://notcve.org/view.php?id=CVE-2017-4907
VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway. Unified Access Gateway (versiones 2.5.x, 2.7.x, 2.8.x anteriores a 2.8.1) y Horizon View (versiones 7.x anteriores a 7.1.0, versiones 6.x anteriores a 6.2.4) de VMware, contienen una vulnerabilidad de desbordamiento de búfer de la pila que puede permitir a un atacante remoto ejecutar código en la puerta de enlace de seguridad. • http://www.securityfocus.com/bid/97914 http://www.securitytracker.com/id/1038281 http://www.vmware.com/security/advisories/VMSA-2017-0008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.8EPSS: 14%CPEs: 13EXPL: 0CVE-2016-7087 – VMware Horizon View loggerBean Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7087
Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors. Vulnerabilidad de salto de directorio en el Connection Server en VMware Horizon View 5.x en versiones anteriores a 5.3.7, 6.x en versiones anteriores a 6.2.3 y 7.x en versiones anteriores a 7.0.1 permite a atacantes remotos obtener información sensible a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Horizon View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the loggerBean service. The loadConfig method does not properly sanitize the path supplied. • http://www.securityfocus.com/bid/93455 http://www.securitytracker.com/id/1036972 http://www.vmware.com/security/advisories/VMSA-2016-0015.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •