CVE Vulnerabilities

CVE-2011-0330

Published: Feb 21, 2011 | Modified: Mar 18, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 does not properly restrict the values of the WMIAttributesOfInterest property, which allows remote attackers to execute arbitrary WMI Query Language (WQL) statements via a crafted value, as demonstrated by a value that triggers disclosure of information about installed software.

Affected Software

Name Vendor Start Version End Version
Dellsystemlite.scanner_activex_control Dell 1.0.0.0 (including) 1.0.0.0 (including)

References