6 matches found
VMware ESX WebWorks Help Multiple XSS (VMSA-2009-0017) (remote check)
The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple cross-site scripting XSS vulnerabilities in WebWorks Help due to improper sanitization of user-supplied input to unspecified parameters or to messages used in topic links. A remote attacker can...
VMSA-2009-0017 : VMware vCenter, ESX patch and vCenter Lab Manager releases address XSS issues
a. WebWorks Help - Cross-site scripting vulnerability WebWorks Help is an output format that allows online Help to be delivered on multiple platforms and browsers, which makes it easy to publish information on the Web or on an enterprise intranet. WebWorks Help is used for creating the online hel...
VMware vCenter Lab Manager WebWorks Help跨站脚本漏洞
CVE ID:CVE-2009-3731 VMware vCenter Lab Manager使IT能够为开发测试创建和管理内部云,并通过自助访问研发、测试、配置和部署复杂的、多级别的应用程序所需的资源,为用户提供更高的服务等级。 WebWorks Help某个输出格式允许在线帮助在多种平台和浏览器上提交,可更加容易的在WEB或企业内网中发布信息。 WebWorks Help没有充分过滤入站请求,可导致内置WebWorks Help的应用程序触发跨站脚本攻击。 成功利用VMware产品中的此漏洞需要诱使用户点击恶意链接或在目标用户登录到vCenter时,ESX或VMware...
CVE-2009-3731
Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...
CVE-2009-3731
CVE-2009-3731 describes multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help used by VMware products (e.g., vCenter/ESX/Server, Lab Manager, Stage Manager). The root cause is insufficient sanitization of inbound input in WebWorks Help output formats, enabling remote attackers to i...
VMSA-2009-0017:VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0017 VMware Security Advisory Synopsis: VMware vCenter, ESX patch and vCenter Lab Manager releases address...