Computer Security
[EN] securityvulns.ru no-pyccku


VMWare applications security vulnerabilities
Published:15.10.2012
Source:
SecurityVulns ID:12643
Type:remote
Threat Level:
5/10
Description:VMware Movie Decoder code execution, vCenter Operations crossite scripting, vCenter CapacityIQ directory travesal.
Affected:VMWARE : CapacityIQ 1.5
CVE:CVE-2012-5051 (Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors.)
 CVE-2012-5050 (Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2012-4897 (Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.)
Original documentdocumentVMWARE, VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates (15.10.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod