Lucene search
RootSSV:60378HistorySep 12, 2012 - 12:00 a.m.
Microsoft System Center Configuration Manager跨站脚本执行漏洞(MS12-062)
2012-09-1200:00:00
Root
www.seebug.org
15
0.944 High
EPSS
Percentile
99.2%
BUGTRAQ ID: 55430
CVE ID: CVE-2012-2536
系统中心配置管理器2007 R2(System Center Configuration Manager 2007 R2)—以前被称为 Systems Management Server (SMS) —是在物理、虚拟、分布以及移动环境之间综合评估、配置和升级服务器、客户端和设备的解决方案。
System Center Configuration Manager中存在XSS漏洞,代码可被反注入到用户的结果页面,导致单击后执行攻击者控制的代码。
0
Microsoft Systems Management Server 2003 Service Pack 3
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
*启用IE8和IE9本地内联网安全区域XSS过滤器。
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS12-062)以及相应补丁:
MS12-062:Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)
链接:http://www.microsoft.com/technet/security/bulletin/MS12-062.asp
Related
nessus
nessus
openvas
openvas
Microsoft System Center Configuration Manager XSS Vulnerability (2741528)
2012-09-12 00:00:00
Microsoft System Center Configuration Manager XSS Vulnerability (2741528)
2012-09-12 00:00:00
prion
prion
Cross site scripting
2012-09-11 18:55:00
cvelist
cvelist
CVE-2012-2536
2012-09-11 18:00:00
cve
cve
CVE-2012-2536
2012-09-11 18:55:01
checkpoint_advisories
checkpoint_advisories
Microsoft SCCM Reflected Cross-site Scripting (MS12-062; CVE-2012-2536)
2012-09-11 00:00:00
securityvulns
securityvulns
Microsoft System Center Configuration Manager crossite scripting
2012-09-18 00:00:00
symantec
symantec
nvd
nvd
CVE-2012-2536
2012-09-11 18:55:01
