CVE-2020-3951
3.8LOW
Key Information:
- Vendor
- Vmware
- Vendor
- CVE Published:
- 17 March 2020
Summary
VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed.
Affected Version(s)
VMware Workstation and Horizon Client for Windows VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0)
References
CVSS V3.1
Score:
3.8
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved