Vulnerability

(MS12-062) Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)

Publish date: September 12, 2012

CVE-2012-2536

SEVERITY

HIGH

//  ADVISORY DATE

12 SEP 2012


DESCRIPTION

This patch resolves a cross-site scripting (XSS) vulnerability found in System Center Configuration Manager that exists in the following:

  • Microsoft Systems Management Server 2003 Service Pack 3
  • Microsoft System Center Configuration Manager 2007 Service Pack 2

The vulnerability may be exploited when an attacker creates a page that can exploit the vulnerability.

SOLUTION

AFFECTED SOFTWARE AND VERSION

  • Microsoft Systems Management Server 2003 Service Pack 3
  • Microsoft System Center Configuration Manager 2007 Service Pack 2

Featured Stories

Connect with us on