CVE

Id
43777  
CVE No.
CVE-2010-1193  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server 2.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON error messages.  
Phase
Assigned (20100330)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
476770 43777 CVE-2010-1193 MLIST:[security-announce] 20100329 VMSA-2010-0005 VMware products address vulnerabilities in WebAccess  View
476771 43777 CVE-2010-1193 URL:http://lists.vmware.com/pipermail/security-announce/2010/000086.html  View
476772 43777 CVE-2010-1193 CONFIRM:http://www.vmware.com/security/advisories/VMSA-2010-0005.html  View
476773 43777 CVE-2010-1193 BID:39037  View
476774 43777 CVE-2010-1193 URL:http://www.securityfocus.com/bid/39037  View
476775 43777 CVE-2010-1193 SECTRACK:1023769  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
35915 JVNDB-2010-001695 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 複数の Mozilla 製品には、Content-Type: multipart が指定された際、HTTP ヘッダ内の Content-Disposition: attachment を適切に処理しないため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-1197 43777 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001695.html  View