CVE-2011-0330

CVSS 5.0 - MEDIUM

Description

The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 does not properly restrict the values of the WMIAttributesOfInterest property, which allows remote attackers to execute arbitrary WMI Query Language (WQL) statements via a crafted value, as demonstrated by a value that triggers disclosure of information about installed software.

Affected Products

1

Vendor	Product	Version
dell	dellsystemlite.scanner_activex_control	`1.0.0.0`

References

http://secunia.com/advisories/42880

http://secunia.com/secunia_research/2011-11/

http://www.securityfocus.com/bid/46443

http://www.securitytracker.com/id?1025094

http://secunia.com/advisories/42880

http://secunia.com/secunia_research/2011-11/

http://www.securityfocus.com/bid/46443

http://www.securitytracker.com/id?1025094

Weakness Types

CWE-264

CVE Information

CVE ID:: CVE-2011-0330
Published:: 2011-02-21
Modified:: 2026-04-29
CVSS Score:: 5.0
Severity:: MEDIUM
Vector:: AV:N/AC:L/Au:N/C:P/I:N/A:N

Affected Vendors

dell

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL