CVE-2005-4583

VMware ESX Server <2.5.x - RCE

Title source: llm

Description

Unspecified vulnerability in the Management Interface in VMware ESX Server 2.x up to 2.5.x before 24 December 2005 allows "remote code execution in the Web browser" via unspecified attack vectors, probably related to cross-site scripting (XSS).

References (6)

[Patch, Vendor Advisory] http://secunia.com/advisories/18250

[Exploit, Patch] http://securitytracker.com/id?1015422

[Patch] http://www.osvdb.org/22119

[Patch] http://www.securityfocus.com/bid/16086

[Patch] http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2001

[Vendor Advisory] http://www.vupen.com/english/advisories/2005/3084

Scores

EPSS 0.0160

EPSS Percentile 81.5%

Classification

CWE

CWE-79

Status draft

Affected Products (6)

vmware/esx

Timeline

Published Dec 29, 2005

Tracked Since Feb 18, 2026