Out-of-bounds Read Vulnerability in VMware Workstation and Horizon Client
CVE-2020-3988

6.1MEDIUM

Key Information:

Vendor

Vmware
Status
Vmware Workstation And Horizon Client For Windows
Vendor
CVE Published:
16 September 2020

What is CVE-2020-3988?

VMware Workstation 15.x and Horizon Client for Windows (versions prior to 5.4.4) are susceptible to an out-of-bounds read vulnerability within the Cortado ThinPrint component, specifically in the JPEG2000 parser. This vulnerability could allow a malicious user with normal access to a virtual machine to induce a partial denial-of-service condition or potentially leak sensitive memory data from the TPView process on the host system that operates VMware Workstation or Horizon Client.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VMware Workstation and Horizon Client for Windows VMware Workstation (15.x), Horizon Client for Windows (5.x before 5.4.4)

References

https://www.vmware.com/security/advisories/VMSA-2020-0020...
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.