VMware View Multiple Vulnerabilities (VMSA-2012-0004)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote host has a virtual desktop solution that is potentially
affected by multiple vulnerabilities.

Description :

The VMware View, formerly VMware Virtual Desktop Infrastructure
components (Agent or Server), on the remote host is 4.x prior to
4.6.1. It is, therefore, potentially affected by the following
vulnerabilities :

- A buffer overflow vulnerability exists in the XPDM and
WDDM display drivers and a NULL pointer dereference in
WDDM display driver that could allow local attackers to
elevate privileges and potentially execute arbitrary
code. (CVE-2012-1508, CVE-2012-1509, CVE-2012-1510)

- A cross-site scripting vulnerability exists where input
passed via view manager portal is not properly validated.
A remote attacker could exploit this vulnerability by
creating a specially crafted URL, which could result in
execution of arbitrary script code. (CVE-2012-1511)

See also :

http://www.vmware.com/security/advisories/VMSA-2012-0004.html

Solution :

Upgrade to VMware View Server 4.6.1 / VMware View Agent 4.6.1 or
later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 63684 ()

Bugtraq ID: 52524
52526

CVE ID: CVE-2012-1508
CVE-2012-1509
CVE-2012-1510
CVE-2012-1511

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now