[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

Reflected XSS vulnerability in System Center Configuration Manager 2007 and Systems Management Server 2003

ID: oval:org.secpod.oval:def:6972Date: (C)2012-09-13   (M)2022-03-15
Class: VULNERABILITYFamily: windows




The host is installed with Microsoft Systems Management Server 2003 SP3 or Microsoft System Center Configuration Manager 2007 SP2 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to handle a specially crafted URL. Successful exploitation allows attackers to force users to visit attacker's website by getting them to click a link in an email message or Instant Messenger message.

Platform:
Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product:
Microsoft System Center Configuration Manager 2007
Microsoft System Center Configuration Manager 2007 R2
Microsoft System Center Configuration Manager 2007 R3
Microsoft Systems Management Server 2003
Reference:
CVE-2012-2536
CVE    1
CVE-2012-2536
CPE    6
cpe:/a:microsoft:systems_management_server:2003:sp3
cpe:/a:microsoft:systems_management_server:2007:sp2
cpe:/a:microsoft:systems_management_server:2007:r2
cpe:/a:microsoft:systems_management_server:2007
...

© SecPod Technologies