CVE-2009-2277

Currently unrated

Key Information:

Vendor: Vmware
Status: Esx Server; Virtualcenter
Vendor: CVE Published:; 1 April 2010

Summary

Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data."

References

http://www.securityfocus.com/bid/39037

vdb-entryx_refsource_BID

http://lists.vmware.com/pipermail/security-announce/2010/...

mailing-listx_refsource_MLIST

http://www.vmware.com/security/advisories/VMSA-2010-0005....

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 1, 2010
Vulnerability Reserved
Jul 1, 2009