VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2020-09-16T16:17:11
Updated: 2024-08-04T07:52:20.600Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-3989
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-09-16T17:15:14.093
Modified: 2020-09-28T17:46:36.810
Link: CVE-2020-3989
Redhat
No data.