Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/08/2018 Updated: 15/10/2018

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

VMware Horizon 6 (6.x.x prior to 6.2.7), Horizon 7 (7.x.x prior to 7.5.1), and Horizon Client (4.x.x and prior prior to 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware horizon view
vmware horizon client

CWE-125 https://www.vmware.com/security/advisories/VMSA-2018-0019.html http://www.securitytracker.com/id/1041430 http://www.securityfocus.com/bid/105031 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-6970

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect