VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability
|VMware Security Advisory|
|Synopsis:||VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability|
|Updated on:||2015-07-09 (Initial Advisory)|
VMware Workstation for Windows 10.x prior to version 10.0.7
VMware Player for Windows 7.x prior to version 7.1.1
VMware Player for Windows 6.x prior to version 6.0.7
VMware Horizon Client for Windows (with Local Mode Option) prior to version 5.4.2
VMware would like to thank Kyriakos Economou of Nettitude for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-3650 to this issue.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
|VMware Product||Product Version||Running on||Replace with/ Apply Patch|
|VMware Horizon Client for Windows (with Local Mode Option)||5.x||Windows||5.4.2|
|VMware Horizon Client for Windows||3.x||any||not affected|
Initial security advisory.
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announceThis Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.orgE-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories
Consolidated list of VMware Security Advisories
VMware Security Response Policy
VMware Lifecycle Support Phases
Created on July 9, 2015 by Rick Scherer
Posted under Alert.
This blog has 6,556 views.