Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2277

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2277
Last Modified 21 Aug 2010 01:33:35
Published 01 Apr 2010 03:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2277

Summary

Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data."

Vulnerable Systems

Application

  • Vmware Esx Server 3.0.3

  • Vmware Esx Server 3.5

  • Vmware Virtualcenter 2.0.2

  • Vmware Virtualcenter 2.5


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2010-0005.html

BID - 39037

MLIST - [security-announce] 20100329 VMSA-2010-0005 VMware products address vulnerabilities in WebAccess


Last Updated: 27 May 2016 10:50:50