Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Title- VMware Horizon View updates address directory traversal vulnerability
NameVMSA-2016-0015First vendor Publication2016-10-06
VendorVMwareLast vendor Modification2016-10-06
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


VMware Horizon View updates address directory traversal vulnerability

VMware Horizon View contains a vulnerability that may allow for a directory traversal on the Horizon View Connection Server. Exploitation of this issue may lead to a partial information disclosure.

VMware would like to thank Mike Arnold (Bruk0ut) working with Trend Micro's Zero Day Initiative for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-7087 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2016-0015.html

CWE : Common Weakness Enumeration

100 %CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration


Nessus® Vulnerability Scanner

2016-10-13Name : An application installed on the remote Windows host is affected by an informa...
File : vmware_horizon_view_VMSA-2016-0015.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
2016-12-30 00:24:35
  • Multiple Updates
2016-12-29 13:22:01
  • Multiple Updates
2016-10-14 13:25:02
  • Multiple Updates
2016-10-07 09:23:14
  • First insertion