VMware Issues New Security Advisory VMSA-2017-0011
Today, VMware has released the following new security advisory:“VMSA-2017-0011 – Horizon View Client update addresses a command injection vulnerability”
This documents an important severity command injection vulnerability (CVE-2017-4918) in the service startup script that affects VMware Horizon View Client for Mac (versions 2.x, 3.x and 4.x ).
Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OS X system where the client is installed.
VMware Horizon View Client for Mac 4.5.0 fixes this issue.
Read the entire article here, New VMware Security Advisory VMSA-2017-0011 – VMware Security & Compliance Blog
via the fine folks at VMware!