(MS12-062) Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)

  Severity: HIGH
  CVE Identifier: CVE-2012-2536
  Advisory Date: SEP 12, 2012

  DESCRIPTION

This patch resolves a cross-site scripting (XSS) vulnerability found in System Center Configuration Manager that exists in the following:

  • Microsoft Systems Management Server 2003 Service Pack 3
  • Microsoft System Center Configuration Manager 2007 Service Pack 2

The vulnerability may be exploited when an attacker creates a page that can exploit the vulnerability.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Systems Management Server 2003 Service Pack 3
  • Microsoft System Center Configuration Manager 2007 Service Pack 2

Featured Stories