CVE-2011-2217

06.06.2011, 19:55

Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
tomsawyer	get_extension_factory	5.5.2.237
vmware	virtual_infrastructure_client	2.0.2
vmware	virtual_infrastructure_client	2.5

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911

http://secunia.com/advisories/44826

http://secunia.com/advisories/44844

http://securitytracker.com/id?1025602

http://www.securityfocus.com/bid/48099

http://www.vmware.com/security/advisories/VMSA-2011-0009.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/67816

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911

http://secunia.com/advisories/44826

http://secunia.com/advisories/44844

http://securitytracker.com/id?1025602

http://www.securityfocus.com/bid/48099

http://www.vmware.com/security/advisories/VMSA-2011-0009.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/67816