55 matches found
EUVD-2008-3500
Malware in sbrugna...
EUVD-2008-4261
Malware in sbrugna...
EUVD-2009-2273
Malware in sbrugna...
EUVD-2009-0522
Malware in sbrugna...
EUVD-2010-0713
Malware in sbrugna...
EUVD-2006-5973
Malware in sbrugna...
Memory corruption
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management...
CVE-2013-1405
CVE-2013-1405 affects multiple VMware products (vCenter Server, VirtualCenter, vSphere Client, VI-Client, ESXi/ESX 3.5–4.1). A flaw in the management authentication protocol allows remote servers to trigger code execution or memory corruption via unspecified vectors. VMware’s VMSA-2013-0001 descr...
VMSA-2012-0003 : VMware VirtualCenter Update and ESX 3.5 patch update JRE
a. VirtualCenter and ESX, Oracle Sun JRE update 1.5.032 Oracle Sun JRE is updated to version 1.5.032, which addresses multiple security issues that existed in earlier releases of Oracle Sun JRE. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.032 in the Oracle Java SE...
VMware VirtualCenter Update and ESX 3.5 patch update JRE
a. VirtualCenter and ESX, Oracle Sun JRE update 1.5.032Oracle Sun JRE is updated to version 1.5.032, which addresses multiple security issues that existed in earlier releases of OracleSun JRE.Oracle has documented the CVE identifiers that are addressed in JRE 1.5.032 in the Oracle Java SE Critica...
VMSA-2012-0003:VMware VirtualCenter Update and ESX 3.5 patch update JRE
VMSA-2012-0003.1 VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0003.1 VMware Security Advisory Synopsis: VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Advisory Issue date: 2012-03-08...
VMWare VirtualCenter ActiveX memory corruption
Tom Sawyer's Default GET Extension Factory ActiveX memory corruption...
Directory traversal
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2011-0426
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine...
CVE-2010-1137
Cross-site scripting XSS vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine...
CVE-2010-0686
Summary: CVE-2010-0686 concerns VMware WebAccess in VMware VirtualCenter (2.0.2/2.5), VMware Server 2.0, and VMware ESX (3.0.3/3.5). The issue is a URL forwarding vulnerability where the WebAccess proxy functionality does not properly validate/limit inbound requests, allowing an attacker to spoof...
CVE-2009-2277
Cross-site scripting XSS vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data."...
CVE-2009-2277
CVE-2009-2277 is a WebAccess cross-site scripting vulnerability in VMware infrastructure products (VirtualCenter 2.0.2/2.5 and ESX 3.0.3/3.5) that allows remote script/HTML injection via the context data mechanism. Attacks can be launched by enticing a user to request a malicious URL (e.g., throu...
CVE-2010-1137
CVE-2010-1137 describes a cross-site scripting (XSS) vulnerability in VMware WebAccess/VMware Console components. Affected products include VMware VirtualCenter 2.0.2 and 2.5, VMware ESX 3.0.3 and 3.5, and VMware Server 1.0; the issue arises from injecting arbitrary web script or HTML via the nam...