RSS   Vulnerabilities for 'Stage manager'   RSS

2009-12-16
 
CVE-2009-3731

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks Publisher 6.x through 8.x; WebWorks Publisher 2003; and WebWorks ePublisher 9.0.x through 9.3, 2008.1 through 2008.4, and 2009.x before 2009.3 allow remote attackers to inject arbitrary web script or HTML via (1) wwhelp_entry.html, reachable through index.html and wwhsec.htm, (2) wwhelp/wwhimpl/api.htm, (3) wwhelp/wwhimpl/common/html/frameset.htm, (4) wwhelp/wwhimpl/common/scripts/switch.js, or (5) the window.opener component in wwhelp/wwhimpl/common/html/bookmark.htm, related to (a) unspecified parameters and (b) messages used in topic links for the bookmarking functionality.

 

 >>> Vendor: Vmware 82 Products
Workstation
Gsx server
Esx server
ACE
Player
Server
Infrastructure
Virtualcenter
Vmware workstation
Vmware player
Vmware server
ESXI
ESX
Ace 2
Fusion
Vmware player 2
Vmware ace
Vmware esx
Vmware esxi
Movie decoder
Vmware virtualcenter
Studio
Lab manager
Stage manager
Vcenter
Vcenter lab manager
Vcenter stage manager
VMRC
Vix api
View manager
Tc server
Vcenter server
Springsource spring security
Open-vm-tools
Virtual infrastructure client
Springsource spring framework
AMS
Vcenter update manager
Zimbra desktop
Vcenter chargeback manager
VIEW
Vsphere
Vcenter orchestrator
Vshield manager
VMA
Vcenter operations
Capacityiq
Ovf tool
Vcenter server appliance
Hyperic hq
Vi-client
Vsphere client
Vcloud director
Tools
Vm-support
NSX
Vcloud networking and security
Airwatch
Vcloud automation center
Vsphere data protection
Horizon client
Horizon view client
Vrealize orchestrator
Vrealize business
Vrealize automation
Vcloud automation identity appliance
Vrealize log insight
Nsx edge
Vcloud networking and security edge
Workstation player
Workstation pro
Photon os
Identity manger
Fusion pro
Vrealize operations
Horizon view
Airwatch inbox
Airwatch agent
Horizon daas
Unified access gateway
Harbor
Xenon


Copyright 2019, cxsecurity.com

 

Back to Top