VYPR
Get started
← All advisories
High severity7.8NVD Advisory· Published Nov 17, 2017· Updated May 13, 2026

CVE-2017-4936

CVE-2017-4936

Description

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.

Affected products

22
  • VMware/Horizon View8 versions
    cpe:2.3:a:vmware:horizon_view:4.0.0:*:*:*:*:windows:*:*+ 7 more
    • cpe:2.3:a:vmware:horizon_view:4.0.0:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.0.1:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.1:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.2:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.3:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.4:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.5:*:*:*:*:windows:*:*
    • cpe:2.3:a:vmware:horizon_view:4.6:*:*:*:*:windows:*:*
  • VMware/Workstation13 versions
    cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*
    • (no CPE)range: 12.x before 12.5.8
  • VMware/Horizon View Client for Windowsv5
    Range: 4.x before 4.6.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.