NVD

Id
86619  
Name
CVE-2017-4913  
Description
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2017-06-08  
Modified Date
2017-07-10  
Seq
2017-4913  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
420373 86619 CVE-2016-1555 http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html  View
420374 86619 CVE-2016-1555 20160225 D-Link, Netgear Router Vulnerabiltiies  View
420375 86619 CVE-2016-1555 https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68390 JVNDB-2017-004647 VMware Workstation および Horizon View Client における整数オーバーフローの脆弱性 VMware Workstation および Horizon View Client には、整数オーバーフローの脆弱性が存在します。 CVE-2017-4913 0 CVE-2017-4913 86619 6.9 7.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004647.html 2017-04-18 2017-07-03 View