Critical severity9.8NVD Advisory· Published Jun 8, 2017· Updated May 13, 2026
CVE-2017-4918
CVE-2017-4918
Description
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
Affected products
15cpe:2.3:a:vmware:horizon_view:2.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:vmware:horizon_view:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:horizon_view:4.4.0:*:*:*:*:*:*:*
- VMware/Horizon View Client for Macv5Range: 2.x
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.securityfocus.com/bid/98984nvdThird Party AdvisoryVDB Entry
- www.vmware.com/security/advisories/VMSA-2017-0011.htmlnvdVendor Advisory
- www.securitytracker.com/id/1038642nvd
News mentions
0No linked articles in our index yet.