Arbitrary Program Execution Vulnerability in VMware vSphere Client

Arbitrary Program Execution Vulnerability in VMware vSphere Client

CVE-2014-1209 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.