VMware View Multiple Vulnerabilities (VMSA-2012-0004)

High Nessus Plugin ID 63684


The remote host has a virtual desktop solution that is potentially affected by multiple vulnerabilities.


The version of VMware View (formerly VMware Virtual Desktop Infrastructure) components (Agent or Server) installed on the remote host is 4.x prior to 4.6.1. It is, therefore, potentially affected by the following vulnerabilities:

- A buffer overflow vulnerability exists in the XPDM and WDDM display drivers, and a NULL pointer dereference exists in the WDDM display driver. These flaws could allow local attackers to elevate privileges and potentially execute arbitrary code. (CVE-2012-1508, CVE-2012-1509, CVE-2012-1510)

- A cross-site scripting vulnerability exists because input passed via the View Manager portal is not properly validated. A remote attacker could exploit this vulnerability by creating a specially crafted URL, which could result in execution of arbitrary script code. (CVE-2012-1511)


Upgrade to VMware View Server 4.6.1 / VMware View Agent 4.6.1 or later.


Plugin Details

Severity: High

ID: 63684

File Name: vmware_view_multiple_vmsa_2012_0004.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Family: Windows

Published: 2013/01/24

Modified: 2015/02/13

Dependencies: 63682, 63681

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:view

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/03/15

Vulnerability Publication Date: 2012/03/15

Reference Information

CVE: CVE-2012-1508, CVE-2012-1509, CVE-2012-1510, CVE-2012-1511

BID: 52524, 52526

OSVDB: 80115, 80116, 80117, 80118

VMSA: 2012-0004

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990