Learn about CVE-2017-4912 affecting VMware Workstation and Horizon View Client. Discover out-of-bounds read vulnerabilities enabling code execution or Denial of Service attacks on Windows OS.
CVE-2017-4912 was published on June 8, 2017, and affects VMware Workstation and Horizon View Client for Windows. The vulnerabilities in these products could allow for code execution or Denial of Service attacks on the Windows operating system.
Understanding CVE-2017-4912
This CVE identifies out-of-bounds read vulnerabilities in the TrueType Font (TTF) parser in VMware Workstation and Horizon View Client for Windows.
What is CVE-2017-4912?
Versions 12.x of VMware Workstation (prior to 12.5.3) and versions 4.x of Horizon View Client (prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in the TPView.dll file. Exploiting these vulnerabilities could lead to code execution or Denial of Service on the Windows OS.
The Impact of CVE-2017-4912
If exploited, a guest in VMware Workstation or a View desktop in Horizon View Client could execute code or cause a Denial of Service on the Windows OS. However, exploitation is only possible if virtual printing is enabled, which is not the default setting for Workstation but is enabled by default on Horizon View.
Technical Details of CVE-2017-4912
The technical details of this CVE include:
Vulnerability Description
The vulnerabilities involve out-of-bounds read issues in the TrueType Font (TTF) parser in the TPView.dll file.
Affected Systems and Versions
Exploitation Mechanism
Exploitation of these vulnerabilities could allow a guest in Workstation or a View desktop in Horizon View Client to execute code or cause a Denial of Service on the Windows OS.
Mitigation and Prevention
To address CVE-2017-4912, consider the following steps:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates
Ensure that VMware Workstation is updated to version 12.5.3 or later, and that Horizon View Client for Windows is updated to version 4.4.0 or later.
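The version ranges and virtual-printing defaults stated above can be turned into an inventory triage check. The following is an added example, not VMware tooling or code from this page; the product keys, status labels and the sample inventory are assumptions made for illustration.

```python
import re

# Affected series and first fixed version, exactly as stated on this page.
AFFECTED = {
    "workstation": (12, (12, 5, 3)),
    "horizon view client": (4, (4, 4, 0)),
}
# Virtual printing defaults as stated on this page; exploitation requires it enabled.
VIRTUAL_PRINTING_DEFAULT = {"workstation": False, "horizon view client": True}

def parse_version(text):
    """Return the leading dotted version as a 3-tuple, ignoring build suffixes."""
    m = re.match(r"\s*(\d+(?:\.\d+){0,2})", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(product, version, virtual_printing=None):
    """Classify one Windows install (status labels are hypothetical)."""
    key = product.strip().lower()
    if key not in AFFECTED:
        return "not-listed"
    series, fixed = AFFECTED[key]
    v = parse_version(version)
    if v[0] != series:
        return "not-listed"  # this page only covers the 12.x and 4.x series
    if v >= fixed:
        return "fixed"
    if virtual_printing is None:  # setting unknown: fall back to the product default
        virtual_printing = VIRTUAL_PRINTING_DEFAULT[key]
    # Unpatched installs still need the update; the flag only ranks urgency.
    return "vulnerable-exposed" if virtual_printing else "vulnerable-unexposed"

if __name__ == "__main__":
    # Constructed sample inventory: (host, product, version, virtual printing or None).
    inventory = [
        ("ws-01", "Workstation", "12.5.2 build-0000000", None),
        ("ws-02", "Workstation", "12.5.3", None),
        ("vdi-01", "Horizon View Client", "4.3.0", None),
        ("vdi-02", "Horizon View Client", "4.4.0", True),
    ]
    for host, product, version, vp in inventory:
        print(f"{host}: {product} {version} -> {triage(product, version, vp)}")
```

An install reported as vulnerable-unexposed is still running the affected TPView.dll and should be updated; the label only reflects that virtual printing is off.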