CVE-2011-0330 in DellSystemLite.Scanner ActiveX controlinfo

Summary

The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 does not properly restrict the values of the WMIAttributesOfInterest property, which allows remote attackers to execute arbitrary WMI Query Language (WQL) statements via a crafted value, as demonstrated by a value that triggers disclosure of information about installed software.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

01/06/2011

Disclosure

02/21/2011

Moderation

VulDB entry created

Entries

VDB-56558 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.3

EPSS

0.00493

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-0330
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-0330
CVE Details	https://www.cvedetails.com/cve/CVE-2011-0330/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!