‫ VMware vCenter / ESX / Update Manager Java Multiple Vulnerabilities

IRCAD2012082163
ID: IRCAD2012082163                              
Release Date: 2012-08-31
Criticality level: Highly critical
Software:
VMware ESX Server 4.x
VMware vCenter Server 4.x
VMware vSphere Update Manager 4.x
Description:
VMware acknowledged multiple vulnerabilities in VMware vCenter and VMware ESX Server, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) The applications bundle a vulnerable version of Java JRE version 1.6.0.
This vulnerability is reported in vCenter version 4.1 and ESX version 4.1.
2) The application bundles a vulnerable version of Java JRE version 1.5.0.
This vulnerability is reported in Update Manager version 4.1.
Solution
Apply updates (please see the vendor's advisory for details).
 
References:
VMSA-2012-0013:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 14 شهریور 1391

امتیاز

امتیاز شما
تعداد امتیازها:0