Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

New VMware Security Advisory VMSA-2017-0002

0
0

Greetings from the VMware Security Response Center !

Today VMware has released the following new security advisory:

“VMSA-2017-0002 Horizon DaaS update addresses an insecure data validation issue”

The advisory documents a moderate severity insecure data validation issue ( CVE-2017-4897 ) in VMware Horizon DaaS. All 6.1.x versions are affected.

This vulnerability can be exploited by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Horizon DaaS 7.0.0 carries a fix for this issue.

VMware would like to thank Ahmad Ashraff of Aura Information Security for reporting this issue to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisories and direct any questions to VMware Support.


Viewing all articles
Browse latest Browse all 12749