VMware View Multiple Vulnerabilities (VMSA-2012-0004)

high Nessus Plugin ID 63684

Synopsis

The remote host has a virtual desktop solution that is potentially affected by multiple vulnerabilities.

Description

The VMware View, formerly VMware Virtual Desktop Infrastructure components (Agent or Server), on the remote host is 4.x prior to 4.6.1. It is, therefore, potentially affected by the following vulnerabilities :

- A buffer overflow vulnerability exists in the XPDM and WDDM display drivers and a NULL pointer dereference in WDDM display driver that could allow local attackers to elevate privileges and potentially execute arbitrary code. (CVE-2012-1508, CVE-2012-1509, CVE-2012-1510)

- A cross-site scripting vulnerability exists where input passed via view manager portal is not properly validated. A remote attacker could exploit this vulnerability by creating a specially crafted URL, which could result in execution of arbitrary script code. (CVE-2012-1511)

Solution

Upgrade to VMware View Server 4.6.1 / VMware View Agent 4.6.1 or later.

See Also

https://www.vmware.com/security/advisories/VMSA-2012-0004.html

Plugin Details

Severity: High

ID: 63684

File Name: vmware_view_multiple_vmsa_2012_0004.nasl

Version: 1.9

Type: local

Agent: windows

Family: Windows

Published: 1/24/2013

Updated: 9/24/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:vmware:view

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 3/15/2012

Vulnerability Publication Date: 3/15/2012

Reference Information

CVE: CVE-2012-1508, CVE-2012-1509, CVE-2012-1510, CVE-2012-1511

BID: 52524, 52526

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990

VMSA: 2012-0004