Computer Security
[EN] securityvulns.ru
no-pyccku

  

VMWare VirtualCenter ActiveX memory corruption
Published:11.06.2011
Source:BUGTRAQ
SecurityVulns ID:11728
Type:client
Level:5/10
Description:Tom Sawyer's Default GET Extension Factory ActiveX memory corruption.
Affected:VMWARE : VMWare VirtualCenter 2.5
CVE:CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability (11.06.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru