CVE-2017-4918
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
| Software | From | Fixed in |
|---|---|---|
| vmware / horizon_view | 4.0.1 | 4.0.1.x |
| vmware / horizon_view | 4.1.0 | 4.1.0.x |
| vmware / horizon_view | 2.1 | 2.1.x |
| vmware / horizon_view | 4.2.0 | 4.2.0.x |
| vmware / horizon_view | 4.3.0 | 4.3.0.x |
| vmware / horizon_view | 3.2 | 3.2.x |
| vmware / horizon_view | 3.3 | 3.3.x |
| vmware / horizon_view | 3.0 | 3.0.x |
| vmware / horizon_view | 4.4.0 | 4.4.0.x |
| vmware / horizon_view | 2.0 | 2.0.x |
| vmware / horizon_view | 2.2 | 2.2.x |
| vmware / horizon_view | 3.1 | 3.1.x |
| vmware / horizon_view | 2.3 | 2.3.x |
| vmware / horizon_view | 4.0.0 | 4.0.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime