VMware vSphere Client updates address security vulnerabilities
Apply the missing patch(es).
a. vSphere Client Insecure Client Download vSphere Client contains a vulnerability in accepting an updated vSphere Client file from an untrusted source. The vulnerability may allow a host to direct vSphere Client to download and execute an arbitrary file from any URI. This issue can be exploited if the host has been compromised or if a user has been tricked into clicking a malicious link.
vSphere Client 5.1 vSphere Client 5.0 vSphere Client 4.1 vSphere Client 4.0
Checks for missing patches.
Updated on 2015-03-25
- VMSA-2014-0008: VMware vSphere product updates to third party libraries
- VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
- VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
- VMSA-2012-0012 VMware ESXi update addresses several security issues.
- VMSA-2012-0006 VMware ESXi and ESX address several security issues