Out-of-bounds Read Vulnerability in VMware Workstation and Horizon Client
CVE-2020-3988
6.1MEDIUM
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 16 September 2020
What is CVE-2020-3988?
VMware Workstation 15.x and Horizon Client for Windows (versions prior to 5.4.4) are susceptible to an out-of-bounds read vulnerability within the Cortado ThinPrint component, specifically in the JPEG2000 parser. This vulnerability could allow a malicious user with normal access to a virtual machine to induce a partial denial-of-service condition or potentially leak sensitive memory data from the TPView process on the host system that operates VMware Workstation or Horizon Client.
Affected Version(s)
VMware Workstation and Horizon Client for Windows VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)