Vulnerabilities > CVE-2020-3951 - Out-of-bounds Write vulnerability in VMWare Horizon Client and Workstation
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family MacOS X Local Security Checks NASL id MACOSX_FUSION_VMSA_2020_0005.NASL description The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-04-30 modified 2020-03-27 plugin id 134974 published 2020-03-27 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134974 title VMware Fusion 11.0.x < 11.5.2 Multiple Vulnerabilities (VMSA-2020-0005) NASL family General NASL id VMWARE_WORKSTATION_VMSA_2020_0005.NASL description The version of VMware Workstation installed on the remote Windows host is 15.0.x prior to 15.5.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-04-30 modified 2020-03-27 plugin id 134973 published 2020-03-27 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134973 title VMware Workstation 15.0.x < 15.5.2 Multiple Vulnerabilities (VMSA-2020-0005)