Cloud Defense Logo

Products

Solutions

Company

CVE-2017-4935 : What You Need to Know

Learn about CVE-2017-4935, an out-of-bounds write vulnerability in VMware Workstation and Horizon View Client, enabling code execution or Denial of Service attacks. Find mitigation steps and patching details here.

A vulnerability has been identified in versions 12.x before 12.5.8 of VMware Workstation and versions 4.x before 4.6.1 of Horizon View Client for Windows. The vulnerability pertains to an out-of-bounds write issue within the TPView.dll JPEG2000 parser, potentially allowing code execution or Denial of Service attacks.

Understanding CVE-2017-4935

This CVE involves an out-of-bounds write vulnerability affecting VMware Workstation and Horizon View Client for Windows.

What is CVE-2017-4935?

CVE-2017-4935 is an out-of-bounds write vulnerability found in VMware Workstation and Horizon View Client for Windows, enabling potential code execution or Denial of Service attacks.

The Impact of CVE-2017-4935

        Exploitation could lead to code execution or Denial of Service attacks on the Windows OS running VMware Workstation or Horizon View Client.

Technical Details of CVE-2017-4935

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability exists in the TPView.dll JPEG2000 parser, allowing out-of-bounds write actions.

Affected Systems and Versions

        VMware Workstation 12.x before 12.5.8
        Horizon View Client for Windows 4.x before 4.6.1

Exploitation Mechanism

        Exploitation is possible if virtual printing is enabled, which is not the default setting for VMware Workstation but is enabled by default for Horizon View Client.

Mitigation and Prevention

Protecting systems from CVE-2017-4935 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Disable virtual printing if not required on VMware Workstation and Horizon View Client.
        Apply the necessary patches and updates provided by VMware.

Long-Term Security Practices

        Regularly update and patch VMware products to mitigate known vulnerabilities.
        Implement network segmentation to limit the impact of potential attacks.

Patching and Updates

        VMware has released patches to address this vulnerability. Ensure all affected systems are updated to the patched versions.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now