Vulnerability Description
Cross-site scripting (XSS) vulnerability in Microsoft Systems Management Server 2003 SP3 and System Center Configuration Manager 2007 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Reflected XSS Vulnerability."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | System Center Configuration Manager | 2007 |
| Microsoft | Systems Management Server | 2003 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/55430
- http://www.us-cert.gov/cas/techalerts/TA12-255A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-06
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.securityfocus.com/bid/55430
- http://www.us-cert.gov/cas/techalerts/TA12-255A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-06
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2012-2536?
CVE-2012-2536 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Microsoft Systems Management Server 2003 SP3 and System Center Configuration Manager 2007 SP2 allows remote attackers to inject arbitrary web script or HTML...
How severe is CVE-2012-2536?
CVE-2012-2536 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2536?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft System Center Configuration Manager, Microsoft Systems Management Server.