4 matches found
CVE-2013-1405
CVE-2013-1405 affects multiple VMware products (vCenter Server, VirtualCenter, vSphere Client, VI-Client, ESXi/ESX 3.5–4.1). A flaw in the management authentication protocol allows remote servers to trigger code execution or memory corruption via unspecified vectors. VMware’s VMSA-2013-0001 descr...
CVE-2016-7458
Summary of CVE-2016-7458 : VMware vSphere Client (versions 5.5 prior to U3e and 6.0 prior to U2a) contains an XML External Entity (XXE) vulnerability in which an XML document with an external entity declaration and an entity reference can cause information disclosure. The issue affects the vSpher...
CVE-2014-1209
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 are affected by CVE-2014-1209 due to improper validation of updates to Client files, which could allow a remote attacker to trigger the downloading and execution of an arbitrary program via unspecified vectors. Several c...
CVE-2014-1210
CVE-2014-1210 affects VMware vSphere Client, where server certificate validation is insufficient, allowing MITM via crafted X.509 certificates. Impacted versions include vSphere Client 5.0 (before Update 3) and 5.1 (before Update 2). Exploitation could enable spoofing of the vCenter server via SS...