
====================================================================

                              CERT-Renater

                 Information Note No. 2017/VULN175
_____________________________________________________________________

DATE                : 09/06/2017

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S):  Systems running VMware Horizon View Client
                                versions prior to 4.5.

=====================================================================
https://lists.vmware.com/pipermail/security-announce/2017/000381.html
____________________________________________________________________

-----------------------------------------------------------------------
                           VMware Security Advisory

Advisory ID: VMSA-2017-0011
Severity:    Important
Synopsis:    Horizon View Client update addresses a command injection
             vulnerability
Issue date:  2017-06-08
Updated on:  2017-06-08 (Initial Advisory)
CVE number:  CVE-2017-4918

1. Summary

   Horizon View Client update addresses a command injection
   vulnerability

2. Relevant Products

   VMware Horizon View Client for Mac (View Client)

3. Problem Description

   Horizon View Client command injection vulnerability

   VMware Horizon View Client contains a command injection issue
   in the service startup script. Successful exploitation of this issue
   may allow unprivileged users to escalate their privileges to root on
   the Mac OSX system where the client is installed.

   VMware would like to thank Florian Bogner from Kapsch BusinessCom AG
   for reporting this issue to us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2017-4918 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware        Product  Running             Replace with/  Mitigations/
   Product       Version  on       Severity   Apply patch    Workarounds
   ============  =======  =======  =========  =============  ============
   View Client   4.x      OSX      Important  4.5            None
   View Client   3.x      OSX      Important  4.5            None
   View Client   2.x      OSX      Important  4.5            None



4. Solution

   Please review the patch/release notes for your product and version
   and verify the checksum of your downloaded file.

   VMware Horizon View Client
   Downloads:
   https://my.vmware.com/web/vmware/details?downloadGroup=CART17Q2_MAC_450&productId=578&rPId=16682
   Documentation:
   https://www.vmware.com/support/viewclients/doc/viewclients_pubs.html



5. References

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4918

-------------------------------------------------------------------------

6. Change log

   2017-06-08 VMSA-2017-0011 Initial security advisory in conjunction
   with the release of VMware Horizon View Client 4.5 on 2017-06-08.

-------------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:
   security-announce@lists.vmware.com
   bugtraq@securityfocus.com
   fulldisclosure@seclists.org

   E-mail: security@vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   Consolidated list of VMware Security Advisories
   http://kb.vmware.com/kb/2078735

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2017 VMware Inc.  All rights reserved.

==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================



