VMware Horizon's macOS Client Code Injection Vulnerability

VMware Horizon's macOS client versions prior to 4.5 suffer from a code injection vulnerability. CVE-2017-4918: Code Injection in VMware Horizonas macOS Client Metadata =================================================== Release Date: 10-July-2017 Author: Florian Bogner // https://bogner.sh Affect...

CVE-2017-4918

VMware Horizon View Client 2.x, 3.x and 4.x prior to 4.5.0 contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed...