VYPR
Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Jun 16, 2026

CVE-2005-3619

CVE-2005-3619

Description

Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files.

Affected products

7
  • VMware/Esx7 versions
    cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
    • (no CPE)range: 2.5.x < 2.5.2 upgrade patch 2; 2.1.x < 2.1.2 upgrade patch 6; 2.0.x < 2.0.1 upgrade patch 6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.