(MS12-062) Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2012-2536
Date du conseil: 12 septembre 2012
Description
This patch resolves a cross-site scripting (XSS) vulnerability found in System Center Configuration Manager that exists in the following:
- Microsoft Systems Management Server 2003 Service Pack 3
- Microsoft System Center Configuration Manager 2007 Service Pack 2
The vulnerability may be exploited when an attacker creates a page that can exploit the vulnerability.
Solutions
Affected software and version:
- Microsoft Systems Management Server 2003 Service Pack 3
- Microsoft System Center Configuration Manager 2007 Service Pack 2