Summary
This host is installed with VMWare Server and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will lets attackers to execute arbitrary web script or HTML.
Impact Level: Application
Solution
Apply workaround,
http://www.vmware.com/resources/techresources/726
*****
NOTE: Ignore this warning, if above mentioned workaround is manually applied.
*****
Insight
The flaws is due to error in 'Server Console' which is not properly validating the input data, which allows to inject arbitrary web script or HTML via the name of a virtual machine.
Affected
VMware Server version 1.0
References
Severity
Classification
-
CVE CVE-2010-1137 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
- Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
- Adobe Reader Unspecified Vulnerability (Windows)
- Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)
- AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability