VMware WebAccess Virtual Machine Name Cross-site Scripting Vulnerability

Bugtraq ID: 39104
Class: Input Validation Error
CVE: CVE-2010-1137
Remote: Yes
Local: No
Published: Mar 29 2010 12:00AM
Updated: Oct 01 2012 07:10PM
Credit: Craig Marshall
Vulnerable: VMWare VirtualCenter 2.0.2
VMWare VirtualCenter 2.5 Update 2
VMWare VirtualCenter 2.5 Update 1
VMWare VirtualCenter 2.5
VMWare VirtualCenter 2.0.2 Update 5
VMWare VirtualCenter 2.0.2 Update 4
VMWare VirtualCenter 2.0.2 Update 3
VMWare VirtualCenter 2.0.2 Update 2
VMWare VirtualCenter 2.0.2 Update 1
VMWare Server 1.0.10
VMWare Server 1.0.9
VMWare Server 1.0.8
VMWare Server 1.0.7
VMWare Server 1.0.6
VMWare Server 1.0.5
VMWare Server 1.0.4
VMWare Server 1.0.3
VMWare Server 1.0.2
VMWare ESX Server 3.0.3
VMWare ESX Server 3.5
Gentoo Linux
Not Vulnerable: VMWare VirtualCenter 2.5 Update 4
VMWare ESX Server 3.5 ESX350-200903223


 

Privacy Statement
Copyright 2010, SecurityFocus