cnvd - cnvd-2021-44966

CNVD-2021-44966

Vulnerability from cnvd - Published: 2021-06-25

Title

VMware Workstation和Horizon Client越界读取漏洞

Description

VMware Workstation和VMware Horizon Client都是美国威睿（Vmware）公司的产品。VMware Workstation是一套虚拟机软件。该软件提供可以同时运行多个不同的操作系统的虚拟机功能。VMware Horizon Client是一款用于连接VMware Horizon虚拟桌面的客户端应用程序。 VMware Workstation和Horizon Client for Windows存在越界读取漏洞，攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

Severity

低

Patch Name

VMware Workstation和Horizon Client越界读取漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.vmware.com/security/advisories/VMSA-2021-0009.html

Reference

https://www.auscert.org.au/bulletins/ESB-2021.1787

Impacted products

Name
['VMWare Workstation 16.，<16.1.2', 'VMWare Horizon Client for Windows 5.，<5.5.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-21988"
    }
  },
  "description": "VMware Workstation\u548cVMware Horizon Client\u90fd\u662f\u7f8e\u56fd\u5a01\u777f\uff08Vmware\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002VMware Workstation\u662f\u4e00\u5957\u865a\u62df\u673a\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u53ef\u4ee5\u540c\u65f6\u8fd0\u884c\u591a\u4e2a\u4e0d\u540c\u7684\u64cd\u4f5c\u7cfb\u7edf\u7684\u865a\u62df\u673a\u529f\u80fd\u3002VMware Horizon Client\u662f\u4e00\u6b3e\u7528\u4e8e\u8fde\u63a5VMware Horizon\u865a\u62df\u684c\u9762\u7684\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u3002\n\nVMware Workstation\u548cHorizon Client for Windows\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.vmware.com/security/advisories/VMSA-2021-0009.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-44966",
  "openTime": "2021-06-25",
  "patchDescription": "VMware Workstation\u548cVMware Horizon Client\u90fd\u662f\u7f8e\u56fd\u5a01\u777f\uff08Vmware\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002VMware Workstation\u662f\u4e00\u5957\u865a\u62df\u673a\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u53ef\u4ee5\u540c\u65f6\u8fd0\u884c\u591a\u4e2a\u4e0d\u540c\u7684\u64cd\u4f5c\u7cfb\u7edf\u7684\u865a\u62df\u673a\u529f\u80fd\u3002VMware Horizon Client\u662f\u4e00\u6b3e\u7528\u4e8e\u8fde\u63a5VMware Horizon\u865a\u62df\u684c\u9762\u7684\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nVMware Workstation\u548cHorizon Client for Windows\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "VMware Workstation\u548cHorizon Client\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "VMWare Workstation 16.*\uff0c\u003c16.1.2",
      "VMWare Horizon Client for Windows 5.*\uff0c\u003c5.5.2"
    ]
  },
  "referenceLink": "https://www.auscert.org.au/bulletins/ESB-2021.1787",
  "serverity": "\u4f4e",
  "submitTime": "2021-05-25",
  "title": "VMware Workstation\u548cHorizon Client\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e"
}

CVE-2021-21988 (GCVE-0-2021-21988)

Vulnerability from cvelistv5 – Published: 2021-05-24 11:35 – Updated: 2024-08-03 18:30

Summary

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Severity ?

No CVSS data available.

CWE

Out-of-bounds read vulnerability in Cortado ThinPrint

Assigner

vmware

References

URL

Tags

	https://www.vmware.com/security/advisories/VMSA-2…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows	Affected: VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:30:23.700Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-of-bounds read vulnerability in Cortado ThinPrint",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-25T17:06:08",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2021-21988",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-of-bounds read vulnerability in Cortado ThinPrint"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html",
              "refsource": "MISC",
              "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2021-21988",
    "datePublished": "2021-05-24T11:35:00",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-03T18:30:23.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-44966

CVE-2021-21988 (GCVE-0-2021-21988)

Tags

Sightings

Nomenclature