|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-06-27 | |
| Rule Name: | Microsoft System Center Configuration Manager Cross Site Scripting Vulnerability (CVE-2012-2536) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Cross-site scripting (XSS) vulnerability in Microsoft Systems Management Server 2003 SP3 and System Center Configuration Manager 2007 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Reflected XSS Vulnerability." | |
| Impact: | An attacker can conduct a cross-site scripting attack to inject malicious client-side scripts into web pages viewed by other users, or to bypass access controls such as the same-origin policy, if affected version is installed. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | ||
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://technet.microsoft.com/zh-cn/security/bulletin/ms12-062 |