VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
VMware
Vsphere Client
NVD
VulDB
CVSS 2.0
9.3
EPSS
4.1%