ID

VAR-201706-0520


CVE

CVE-2017-4907


TITLE

VMware Unified Access Gateway and Horizon View Heap-based buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-004655

DESCRIPTION

VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway. The former is a secure gateway that accesses remote desktops and applications outside the corporate firewall; the latter is a device that can access VMwareHorizon desktops from any location. A heap buffer overflow vulnerability exists in VMware Unified AccessGateway and HorizonView. An attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application or could result in a denial of service. Failed exploits may result in denial-of-service conditions. x version

Trust: 2.52

sources: NVD: CVE-2017-4907 // JVNDB: JVNDB-2017-004655 // CNVD: CNVD-2017-05864 // BID: 97914 // VULHUB: VHN-113110

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-05864

AFFECTED PRODUCTS

vendor:vmwaremodel:horizon viewscope:eqversion:6.2.4

Trust: 2.4

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.8

Trust: 1.9

vendor:vmwaremodel:horizon viewscope:eqversion:6.2.3

Trust: 1.9

vendor:vmwaremodel:horizon viewscope:eqversion:7.0

Trust: 1.9

vendor:vmwaremodel:horizon viewscope:eqversion:6.2

Trust: 1.6

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.7.2

Trust: 1.6

vendor:vmwaremodel:horizon viewscope:eqversion:6.1.1

Trust: 1.6

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.7

Trust: 1.6

vendor:vmwaremodel:horizon viewscope:eqversion:6.2.2

Trust: 1.6

vendor:vmwaremodel:horizon viewscope:eqversion:6.2.1

Trust: 1.6

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.5

Trust: 1.0

vendor:vmwaremodel:horizon viewscope:eqversion:6.0

Trust: 1.0

vendor:vmwaremodel:horizon viewscope:eqversion:6.1

Trust: 1.0

vendor:vmwaremodel:horizon viewscope:eqversion:6.0.2

Trust: 1.0

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.5.1

Trust: 1.0

vendor:vmwaremodel:unified access gatewayscope:ltversion:2.8.x

Trust: 0.8

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.7.x

Trust: 0.8

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.5.x

Trust: 0.8

vendor:vmwaremodel:horizon viewscope:eqversion:7.1.0

Trust: 0.8

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.8.1

Trust: 0.8

vendor:vmwaremodel:horizon viewscope:ltversion:6.x

Trust: 0.8

vendor:vmwaremodel:horizon viewscope:ltversion:7.x

Trust: 0.8

vendor:vmwaremodel:unified access gatewayscope:eqversion:2.8.*<2.8.1

Trust: 0.6

vendor:vmwaremodel:horizon viewscope:eqversion:7.*<7.1.0

Trust: 0.6

vendor:vmwaremodel:horizon viewscope:eqversion:6.2.*<6.2.4

Trust: 0.6

vendor:vmwaremodel:horizon viewscope:eqversion:7.0.1

Trust: 0.3

vendor:vmwaremodel:unified access gatewayscope:neversion:2.8.1

Trust: 0.3

vendor:vmwaremodel:horizon viewscope:neversion:7.1

Trust: 0.3

vendor:vmwaremodel:horizon viewscope:neversion:6.2.4

Trust: 0.3

sources: CNVD: CNVD-2017-05864 // BID: 97914 // JVNDB: JVNDB-2017-004655 // CNNVD: CNNVD-201704-954 // NVD: CVE-2017-4907

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-4907
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-4907
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-05864
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201704-954
value: HIGH

Trust: 0.6

VULHUB: VHN-113110
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-4907
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-05864
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-113110
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-4907
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-05864 // VULHUB: VHN-113110 // JVNDB: JVNDB-2017-004655 // CNNVD: CNNVD-201704-954 // NVD: CVE-2017-4907

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-113110 // JVNDB: JVNDB-2017-004655 // NVD: CVE-2017-4907

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201704-954

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201704-954

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004655

PATCH

title:VMSA-2017-0008url:https://www.vmware.com/security/advisories/VMSA-2017-0008.html

Trust: 0.8

title:Patch for VMware Unified AccessGateway and HorizonView heap buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/93144

Trust: 0.6

title:VMware Unified Access Gateway and Horizon View Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69403

Trust: 0.6

sources: CNVD: CNVD-2017-05864 // JVNDB: JVNDB-2017-004655 // CNNVD: CNNVD-201704-954

EXTERNAL IDS

db:NVDid:CVE-2017-4907

Trust: 3.4

db:BIDid:97914

Trust: 2.6

db:SECTRACKid:1038281

Trust: 1.1

db:JVNDBid:JVNDB-2017-004655

Trust: 0.8

db:CNNVDid:CNNVD-201704-954

Trust: 0.7

db:CNVDid:CNVD-2017-05864

Trust: 0.6

db:NSFOCUSid:36479

Trust: 0.6

db:VULHUBid:VHN-113110

Trust: 0.1

sources: CNVD: CNVD-2017-05864 // VULHUB: VHN-113110 // BID: 97914 // JVNDB: JVNDB-2017-004655 // CNNVD: CNNVD-201704-954 // NVD: CVE-2017-4907

REFERENCES

url:http://www.securityfocus.com/bid/97914

Trust: 2.3

url:http://www.vmware.com/security/advisories/vmsa-2017-0008.html

Trust: 2.0

url:http://www.securitytracker.com/id/1038281

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-4907

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-4907

Trust: 0.8

url:http://www.nsfocus.net/vulndb/36479

Trust: 0.6

url:http://www.vmware.com

Trust: 0.3

sources: CNVD: CNVD-2017-05864 // VULHUB: VHN-113110 // BID: 97914 // JVNDB: JVNDB-2017-004655 // CNNVD: CNNVD-201704-954 // NVD: CVE-2017-4907

CREDITS

Claudio Moletta (redr2e).

Trust: 0.9

sources: BID: 97914 // CNNVD: CNNVD-201704-954

SOURCES

db:CNVDid:CNVD-2017-05864
db:VULHUBid:VHN-113110
db:BIDid:97914
db:JVNDBid:JVNDB-2017-004655
db:CNNVDid:CNNVD-201704-954
db:NVDid:CVE-2017-4907

LAST UPDATE DATE

2024-11-23T21:53:59.631000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2017-05864date:2017-05-04T00:00:00
db:VULHUBid:VHN-113110date:2017-07-11T00:00:00
db:BIDid:97914date:2017-05-02T01:06:00
db:JVNDBid:JVNDB-2017-004655date:2017-07-03T00:00:00
db:CNNVDid:CNNVD-201704-954date:2017-06-09T00:00:00
db:NVDid:CVE-2017-4907date:2024-11-21T03:26:38.627

SOURCES RELEASE DATE

db:CNVDid:CNVD-2017-05864date:2017-05-04T00:00:00
db:VULHUBid:VHN-113110date:2017-06-08T00:00:00
db:BIDid:97914date:2017-04-18T00:00:00
db:JVNDBid:JVNDB-2017-004655date:2017-07-03T00:00:00
db:CNNVDid:CNNVD-201704-954date:2017-04-20T00:00:00
db:NVDid:CVE-2017-4907date:2017-06-08T13:29:00.220