PT-2005-4382 · Vmware · Vmware Esxi

Published

2005-12-31

Updated

2018-10-30

CVE-2005-3619

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions VMware ESX versions 2.0.x through 2.0.1 upgrade patch 5 VMware ESX versions 2.1.x through 2.1.2 upgrade patch 5 VMware ESX versions 2.5.x through 2.5.2 upgrade patch 1

Description A cross-site scripting (XSS) issue exists in the management interface, allowing remote attackers to inject arbitrary web script or HTML via unsanitized messages when viewing syslog log files.

Recommendations For versions 2.0.x, apply upgrade patch 6 to resolve the issue. For versions 2.1.x, apply upgrade patch 6 to resolve the issue. For versions 2.5.x, apply upgrade patch 2 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3619

Affected Products

Vmware Esxi

PT-2005-4382 · Vmware · Vmware Esxi

CVE-2005-3619

Related Identifiers

Affected Products

References · 4