![]() Solution Upgrade to VMWare Horizon View Client 5.4. This release includes many new features and enhancements to Horizon Conn. (CVE-2020-3990) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. VMware Horizon 7 version 7.12 is now released, along with VMware Horizon Client 5.4. If you want to use the URL Content Redirection feature in Horizon 7 and newer, run the installer with the following switch: /v URLFILTERINGENABLED1. This feature is enabled by default on Horizon Client. On the client machine, run the downloaded VMware-Horizon-Client-2206-8.6.0.exe or VMware-Horizon-Client-5.5.4.exe. ![]() Exploitation is only possible if virtual printing has been enabled. The VMware Horizon Client offers better performance and features. Rebooted, retried running a silent install and this. I deleted any reference to VMWare in the registry, deleted the install folder and deleted the VMware USB Arbitration Service which had been left from the previous failed install. A malicious actor with normal access to a virtual machine can exploit this issue to leak memory from TPView process running on the system where Horizon Client is installed. A previous failed install appears to have been the cause of the repeated failures to install. (CVE-2020-3989) - An information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. This feature is enabled by default on Horizon Client. Exploitation is only possible if virtual printing has been enabled. A malicious actor with normal access to a virtual machine can exploit this issue to create a partial denial-of-service condition on the system where Horizon Client is installed. (CVE-2020-3986, CVE-2020-3987, CVE-2020-3988) - A denial of service (DoS) vulnerability due to an out-of-bounds write issue in a Cortado ThinPrint component. A malicious actor with normal access to a virtual machine can exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Horizon Client is installed. Horizon Client for Windows 5. The issue is also present in the Chromium-based Edge browser. Horizon Client for Windows 5.5.1 includes the following new features: Fixes an incompatibility with USB redirection and the Chrome browser. A local authenticated attacker can exploit this issue to run commands as any user. It is, therefore, affected by a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. For more information, see Release Notes for VMware Horizon 7 version 7.13.1. The version of VMware Horizon View Client installed on the remote Windows host is prior to 5.4.3. Description The version of VMware Horizon Client for Windows installed on the remote host is less than 5.4.4. Synopsis A virtualization application installed on the remote host is affected by multiple vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |