Vulnerability Details : CVE-2011-2217
Public exploit exists!
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-2217
94.90%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-2217
-
Tom Sawyer Software GET Extension Factory Remote Code Execution
Disclosure Date: 2011-05-03First seen: 2020-04-26exploit/windows/browser/tom_sawyer_tsgetx71ex552This module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed
CVSS scores for CVE-2011-2217
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2011-2217
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2217
-
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
VMSA-2011-0009.3Vendor Advisory
-
http://www.securityfocus.com/bid/48099
Tom Sawyer Software GET Extension Factory Object Initialization Memory Corruption Vulnerability
-
http://securitytracker.com/id?1025602
VMware VI Client ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67816
Multiple VMware products VI Client ActiveX controls code execution CVE-2011-2217 Vulnerability Report
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911
Products affected by CVE-2011-2217
- cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtual_infrastructure_client:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtual_infrastructure_client:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:tomsawyer:get_extension_factory:5.5.2.237:*:*:*:*:*:*:*