Computer Security
[EN] securityvulns.ru no-pyccku


VMWare View multiple security vulnerabilities
Published:18.03.2012
Source:
SecurityVulns ID:12255
Type:remote
Threat Level:
5/10
Description:Multiple XSS vulnerabilities.
Affected:VMWARE : VMware View 4.6
CVE:CVE-2012-1511 (Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.)
 CVE-2012-1510 (Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.)
 CVE-2012-1509 (Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.)
 CVE-2012-1508 (The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.)
Original documentdocumentVMWARE, VMSA-2012-0004 VMware View privilege escalation and cross-site scripting (18.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod