VMware Horizon View Client 5.x < 5.4.2 DACL Privilege Escalation (VMSA-2015-0005)
High Nessus Plugin ID 84804
SynopsisThe virtualization application installed on the remote host is affected by a privilege escalation vulnerability.
DescriptionThe version of VMware Horizon View Client installed on the remote host is 5.x (with local mode) prior to 5.4.2. It is, therefore, affected by a privilege escalation vulnerability due to a failure to provide a valid discretionary access control list (DACL) pointer for the printproxy.exe process. A local attacker, using thread injection, can exploit this to gain elevated privileges or execute arbitrary code.
SolutionUpgrade to VMware Horizon View Client 5.4.2 (with local mode) or later.