QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-6970

Back to search

CVE-2018-6970

Published: Aug 13, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients installed on non-Windows systems.

VendorProductVersions

VMware

VMware Horizon 6, Horizon 7, and Horizon Client

affected
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1)

References

1041430
vdb-entry
x_refsource_SECTRACK
105031
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now