Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2020-3987

Disclosure Date: September 16, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Products

  • VMware Workstation and Horizon Client for Windows

Additional Info

Technical Analysis