CVE-2011-2217

Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911
http://secunia.com/advisories/44826	Vendor Advisory
http://securitytracker.com/id?1025602
http://www.securityfocus.com/bid/48099
http://www.vmware.com/security/advisories/VMSA-2011-0009.html	Vendor Advisory
http://secunia.com/advisories/44844
https://exchange.xforce.ibmcloud.com/vulnerabilities/67816

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:::::::*
	cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:::::::*
	cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:::::::*

cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*

Information

Published : 2011-06-06 12:55

Updated : 2017-08-28 18:29

NVD link : CVE-2011-2217

Mitre link : CVE-2011-2217

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

tomsawyer

get_extension_factory

vmware

infrastructure
virtual_infrastructure_client

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911", "name": "20110603 Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://secunia.com/advisories/44826", "name": "44826", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1025602", "name": "1025602", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/48099", "name": "48099", "tags": [], "refsource": "BID"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html", "name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/44844", "name": "44844", "tags": [], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67816", "name": "vmware-viclient-code-exec(67816)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-2217", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2011-06-06T19:55Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:29Z"}

9.3 /10