CVE-2011-2217

Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911
http://secunia.com/advisories/44826	Vendor Advisory
http://secunia.com/advisories/44844
http://securitytracker.com/id?1025602
http://www.securityfocus.com/bid/48099
http://www.vmware.com/security/advisories/VMSA-2011-0009.html	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/67816

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:::::::*
	cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:::::::*
	cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:::::::*

cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-06-06 19:55

Updated : 2023-12-10 11:03

NVD link : CVE-2011-2217

Mitre link : CVE-2011-2217

CVE.ORG link : CVE-2011-2217

JSON object : View

Products Affected

vmware

infrastructure
virtual_infrastructure_client

tomsawyer

get_extension_factory

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2011-2217", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-06-06T19:55:03.800", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/44826", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/44844", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1025602", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/48099", "source": "cve@mitre.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67816", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document."}, {"lang": "es", "value": "Algunos controles ActiveX en (1) tsgetxu71ex552.dll y (2) tsgetx71ex552.dll en Tom Sawyer GET Extension Factory v5.5.2.237, como se usa en VI Client (tambi\u00e9n conocido como VMware Infrastructure Client) v2.0.2 con anterioridad a Build 230598 y v2.5 con anterioridad a Build 204931 en VMware Infrastructure 3,no controla correctamente la inicializaci\u00f3n dentro de Internet Explorer,lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio ( corrupci\u00f3n de memoria ) a trav\u00e9s de un documento HTML manipulado."}], "lastModified": "2017-08-29T01:29:20.487", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C96FF83B-F824-415F-A0BF-D0089F295047"}, {"criteria": "cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD305506-02D6-47EA-9947-CE3227EDD79E"}, {"criteria": "cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "281E1084-61E9-4B33-AF60-26F2620F874C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD0E3A11-F411-4653-96ED-05ECE4DCF401"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}