CVE-2011-4733

Name of the Vulnerable Software and Affected Versions Parallels Plesk Panel version 10.2.0 build1011110331.18

Description The Server Administration Panel in Parallels Plesk Panel has an issue where it sends incorrect Content-Type headers for certain resources. This could allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving files such as smb/admin-home/disable-featured-applications-promo. It is possible that only clients, not the Plesk product itself, could be affected by this issue.

Recommendations For Parallels Plesk Panel version 10.2.0 build1011110331.18, consider restricting access to the vulnerable resources, such as the smb/admin-home/disable-featured-applications-promo file, until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.