Secunia
Login
|
|
CVE Reference: CVE-2011-2217 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2011-2217 |
|
|
Description: Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/67816 ST 1025602 SAID Secunia Advisory: SA44826 Secunia Advisory: SA44844 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911 CONFIRM http://www.vmware.com/security/advisories/VMSA-2011-0009.html BID 48099 |
|
| Return to the previous page. |
