CVE-2018-6970 – VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-6970
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems. VMware Horizon 6 (6.x.x en versiones anteriores a la 6.2.7), Horizon 7 (7.x.x en versiones anteriores a la 7.5.1) y Horizon Client (4.x.x en versiones anteriores a la 4.8.1) contiene una vulnerabilidad de lectura fuera de límites en la librería Message Framework. Su explotación con éxito podría permitir que un usuario con menos privilegios filtre información desde un proceso privilegiado que se ejecuta en un sistema donde estén instalados Horizon Connection Server, Horizon Agent o Horizon Client. • http://www.securityfocus.com/bid/105031 http://www.securitytracker.com/id/1041430 https://www.vmware.com/security/advisories/VMSA-2018-0019.html • CWE-125: Out-of-bounds Read •
CVE-2015-3650
https://notcve.org/view.php?id=CVE-2015-3650
vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread. Vmware-vmx.exe en VMware Workstation 7.x hasta 10.x anterior a 10.0.7 y 11.xanterior a 11.1.1, VMware Player 5.x y 6.x anterior a 6.0.7 y 7.x anterior a 7.1.1, y VMware Horizont Client hasta la versión 5.4.2 en Windows. No proporciona un puntero DACL válido durante la instalación del proceso vprintproxy.exe, por lo que permite a los usuarios del sistema operativo obtener privilegios del sistema mediante la inyección de un hilo. • http://www.securitytracker.com/id/1032822 http://www.securitytracker.com/id/1032823 http://www.vmware.com/security/advisories/VMSA-2015-0005.html https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation • CWE-284: Improper Access Control •
CVE-2015-2337
https://notcve.org/view.php?id=CVE-2015-2337
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. TPInt.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado ejecutar código arbitrario en el sistema operativo anfitrión a través de vectores no especificados. • http://www.securityfocus.com/bid/75095 http://www.securitytracker.com/id/1032529 http://www.securitytracker.com/id/1032530 http://www.vmware.com/security/advisories/VMSA-2015-0004.html • CWE-399: Resource Management Errors •
CVE-2015-2339
https://notcve.org/view.php?id=CVE-2015-2339
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338. TPview.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio del sistema operativo anfitrión a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-2338. • http://www.securityfocus.com/bid/75092 http://www.securitytracker.com/id/1032529 http://www.securitytracker.com/id/1032530 http://www.vmware.com/security/advisories/VMSA-2015-0004.html • CWE-399: Resource Management Errors •
CVE-2015-2340
https://notcve.org/view.php?id=CVE-2015-2340
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors. TPInt.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio del sistema operativo anfitrión a través de vectores no especificados. • http://www.securityfocus.com/bid/75092 http://www.securitytracker.com/id/1032529 http://www.securitytracker.com/id/1032530 http://www.vmware.com/security/advisories/VMSA-2015-0004.html • CWE-399: Resource Management Errors •