mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
78 lines
2.6 KiB
JSON
78 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "security@vmware.com",
|
|
"ID": "CVE-2017-4918",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Horizon View Client for Mac",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "2.x"
|
|
},
|
|
{
|
|
"version_value": "3.x"
|
|
},
|
|
{
|
|
"version_value": "4.x prior to 4.5.0"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "VMware"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Command injection vulnerability"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "1038642",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id/1038642"
|
|
},
|
|
{
|
|
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0011.html"
|
|
},
|
|
{
|
|
"name": "98984",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/98984"
|
|
}
|
|
]
|
|
}
|
|
} |