CVE-2010-1137
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/39037
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6863
- http://lists.vmware.com/pipermail/security-announce/2010/000086.html
- http://www.vmware.com/security/advisories/VMSA-2010-0005.html
- http://www.securitytracker.com/id?1023769
References
- http://www.securityfocus.com/bid/39037
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6863
- http://lists.vmware.com/pipermail/security-announce/2010/000086.html
- http://www.vmware.com/security/advisories/VMSA-2010-0005.html
- http://www.securitytracker.com/id?1023769
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.