CVE-2017-4910 : What You Need to Know

Learn about CVE-2017-4910, out-of-bounds read vulnerabilities in VMware Workstation and Horizon View Client, enabling code execution or DoS attacks. Find mitigation steps and patching details.

CVE-2017-4910 was published on June 8, 2017, by VMware. It involves out-of-bounds read vulnerabilities in VMware Workstation and Horizon View Client, potentially allowing code execution or Denial of Service attacks.

Understanding CVE-2017-4910

This CVE covers critical vulnerabilities in VMware Workstation and Horizon View Client that a guest could exploit against the Windows OS running those products.

What is CVE-2017-4910?

CVE-2017-4910 refers to out-of-bounds read vulnerabilities in the JPEG2000 parser in TPView.dll within VMware Workstation versions 12.x prior to 12.5.3 and Horizon View Client versions 4.x prior to 4.4.0.

The Impact of CVE-2017-4910

These vulnerabilities could enable a guest to execute code or cause a Denial of Service on the Windows OS running Workstation or Horizon View Client. Exploitation requires virtual printing to be enabled.

Technical Details of CVE-2017-4910

This section delves into the technical aspects of the CVE.

Vulnerability Description

The vulnerabilities are out-of-bounds reads in the JPEG2000 parser in TPView.dll, reached via Cortado ThinPrint.

Affected Systems and Versions

        VMware Workstation 12.x prior to 12.5.3
        Horizon View Client for Windows 4.x prior to 4.4.0

Exploitation Mechanism

        Virtual printing must be enabled for exploitation to occur.

Mitigation and Prevention

Protecting systems from CVE-2017-4910 is crucial.

Immediate Steps to Take

        Disable virtual printing if not required.
        Apply patches provided by VMware promptly.

Long-Term Security Practices

        Regularly update VMware products to the latest versions.
        Implement network segmentation to contain potential attacks.

Patching and Updates

        VMware released patches to address these vulnerabilities. Ensure all affected systems are updated to the patched versions.
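
The affected ranges and the virtual-printing precondition above can be turned into an inventory triage check. This is an added example, not code from VMware or from this page's author; the host names, version strings, status labels and the inventory record layout are constructed for illustration.

```python
import re

# Affected ranges as listed above: product -> (major line, first fixed version).
AFFECTED = {
    "VMware Workstation": (12, (12, 5, 3)),
    "Horizon View Client for Windows": (4, (4, 4, 0)),
}

def parse_version(text):
    """Return (major, minor, patch) from strings like '12.5.2 build-0000000'."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m is None:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def triage(product, version, virtual_printing_enabled):
    """Classify one inventory record against CVE-2017-4910."""
    if product not in AFFECTED:
        return "product-not-listed"
    major, first_fixed = AFFECTED[product]
    parsed = parse_version(version)
    if parsed[0] != major:
        return "outside-listed-range"  # the advisory only lists this major line
    if parsed >= first_fixed:
        return "patched"
    # Vulnerable build: exploitation requires virtual printing to be enabled.
    if virtual_printing_enabled:
        return "vulnerable-exposed"
    return "vulnerable-printing-off"

# Constructed inventory (hypothetical): host, product, version, virtual printing on?
INVENTORY = [
    ("ws-01", "VMware Workstation", "12.5.2 build-0000000", True),
    ("ws-02", "VMware Workstation", "12.5.3", True),
    ("ws-03", "VMware Workstation", "14.0.0", True),
    ("vdi-01", "Horizon View Client for Windows", "4.3", False),
    ("vdi-02", "Horizon View Client for Windows", "4.4.0", True),
]

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(p, v, vp) for host, p, v, vp in inventory}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `vulnerable-printing-off` still need the patch; disabling virtual printing only removes the precondition for exploitation.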
