CVE-2011-1789

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Cryptography Error

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2011-0426, CVE-2011-1788

Published on 10/05/11 - Updated on 26/05/11

Description

The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer.

Category: Cryptography Error

CWE-310 (Cryptographic Issues)
Weaknesses in this category are related to the use of cryptography.

Security Notices

US National Vulnerability DatabaseCVE-2011-1789
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2011-AVI-285
Renater 2011/VULN362

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
vmwareesx
vmwareesxi
vmwarevcenter

Share this vulnerability with:

Twitter Facebook LinkedIn Mail