CVE-2011-2217

Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:*:*:*:*:*:*:*
cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*

Information

Published : 2011-06-06 12:55

Updated : 2017-08-28 18:29


NVD link : CVE-2011-2217

Mitre link : CVE-2011-2217


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

tomsawyer

  • get_extension_factory

vmware

  • infrastructure
  • virtual_infrastructure_client