VMware Patches Directory Traversal Flaw in Horizon View

VMware has released updates for the Windows versions of its Horizon View product to address an important vulnerability that could lead to information disclosure.

Security researcher Mike Arnold, known online as “Bruk0ut,” discovered that the desktop virtualization product is plagued by a flaw that could allow a directory traversal on the Horizon View Connection Server. A remote attacker can exploit this weakness to gain access to some potentially sensitive information.

The flaw, tracked as CVE-2016-7087, was reported by Arnold via Trend Micro’s Zero-Day Initiative (ZDI). ZDI has yet to make its advisory public, despite the fact that 160 days have passed since the initial report. The company typically discloses vulnerabilities after 120 days, but it is possible that VMware requested an extension of that deadline.

The security hole affects VMware Horizon View versions 5.x, 6.x and 7.x for Windows. The issue has been addressed with the release of versions 7.0.1, 6.2.3 and 5.3.7.

VMware has rated the vulnerability “important,” while ZDI has assigned it a CVSS score of 5.8, which puts it in the “medium” severity category.

VMware has released this year over a dozen rounds of security patches, including for vulnerabilities in ESXi, Fusion, Player, Workstation, vCenter, vRealize, NSX, vCNS and Identity Manager. However, this is the first security update released by the company in 2016 for the Horizon View product.

Related: VMware Products Affected by Critical glibc Flaw

Related: VMware Tools Flaw Allowed Code Execution via DLL Hijacking

Related: Privilege Escalation Flaw Found in VMware Tools

Related: VMware Reissues Patch for vCenter RCE Flaw