Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1209

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2014-1209
Last Modified 14 Apr 2014 12:51:35
Published 11 Apr 2014 03:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1209

Summary

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.

Vulnerable Systems

Application

  • Vmware Vsphere Client 4.0

  • Vmware Vsphere Client 4.1

  • Vmware Vsphere Client 5.0

  • Vmware Vsphere Client 5.1


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2014-0003.html


Last Updated: 27 May 2016 11:04:56