Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:DE4A63F913AB2B8A1E5E1121D7C9D6F8
HistoryJun 19, 2011 - 12:00 a.m.

Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption

2011-06-1900:00:00
SAINT Corporation
download.saintcorporation.com
24

EPSS

0.941

Percentile

99.2%

JSON

Added: 06/19/2011
CVE: CVE-2011-2217
BID: 48099

Background

Tom Sawyer Software produces a variety of data visualization, layout, and analysis tools.

Problem

Certain ActiveX controls in **tsgetxu71ex552.dll** and **tsgetx71ex552.dll** in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer. A remote attacker could execute arbitrary code or cause a denial of service (memory corruption) by enticing a user to open a specially crafted HTML document in Internet Explorer.

Resolution

Upgrade or apply patches as described in VMware Security Advisory 2011-0009.

References

<http://secunia.com/advisories/44826/&gt;

Limitations

Exploit works on VMware VI Client 2.0.2.61426.

The user must open the exploit file in Internet Explorer 7 on the target system.

Platforms

Windows

Related

nessus 3
saint 3
cvelist 1
metasploit 1
zdt 1
checkpoint_advisories 1
securityvulns 2
cve 1
prion 1
exploitdb 1
packetstorm 2
nvd 1
openvas 2
vmware 2
nessus
nessus
Tom Sawyer Software GET Extension Factory COM Object Instantiation Memory Corruption
2011-06-07 00:00:00
VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check)
2016-03-04 00:00:00
VMSA-2011-0009 : VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues
2011-06-06 00:00:00
saint
saint
Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption
2011-06-19 00:00:00
Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption
2011-06-19 00:00:00
Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption
2011-06-19 00:00:00
cvelist
cvelist
CVE-2011-2217
2011-06-06 19:00:00
metasploit
metasploit
Tom Sawyer Software GET Extension Factory Remote Code Execution
2012-06-08 16:10:20
zdt
zdt
Tom Sawyer Software GET Extension Factory Remote Code Execution
2012-06-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Tom Sawyer ActiveX Control Memory Corruption (CVE-2011-2217)
2011-11-01 00:00:00
securityvulns
securityvulns
VMWare VirtualCenter ActiveX memory corruption
2011-06-11 00:00:00
iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability
2011-06-11 00:00:00
cve
cve
CVE-2011-2217
2011-06-06 19:55:03
prion
prion
Memory corruption
2011-06-06 19:55:00
exploitdb
exploitdb
Tom Sawyer Software GET Extension Factory - Remote Code Execution (Metasploit)
2012-06-10 00:00:00
packetstorm
packetstorm
Tom Sawyer Software GET Extension Factory Remote Code Execution
2012-06-11 00:00:00
Embarcadero ER/Studio XE2 Server Portal Code Execution
2011-09-08 00:00:00
nvd
nvd
CVE-2011-2217
2011-06-06 19:55:03
openvas
openvas
VMware ESXi/ESX patches and VI Client update resolve multiple security issues (VMSA-2011-0009.3)
2012-03-16 00:00:00
VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues
2012-03-16 00:00:00
vmware
vmware
VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues
2011-06-02 00:00:00
VMware hosted product updates, ESX patches and VI Client update resolve multiple security issue
2011-06-02 00:00:00

EPSS

0.941

Percentile

99.2%

JSON
Related for SAINT:DE4A63F913AB2B8A1E5E1121D7C9D6F8
nessus3saint3cvelist1metasploit1zdt1checkpoint_advisories1securityvulns2cve1prion1exploitdb1packetstorm2nvd1openvas2vmware2