VMware vSphere Client updates address security vulnerabilities
Apply the missing patch(es).
a. vSphere Client Insecure Client Download vSphere Client contains a vulnerability in accepting an updated vSphere Client file from an untrusted source. The vulnerability may allow a host to direct vSphere Client to download and execute an arbitrary file from any URI. This issue can be exploited if the host has been compromised or if a user has been tricked into clicking a malicious link.
vSphere Client 5.1 vSphere Client 5.0 vSphere Client 4.1 vSphere Client 4.0
Checks for missing patches.
Updated on 2015-03-25
- VMSA-2013-0002 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
- VMSA-2012-0007 VMware hosted products and ESX patches address privilege escalation
- VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
- VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities
- VMSA-2014-0003 VMware vSphere Client updates address security vulnerabilities