Directory Traversal Vulnerability in DellSystemLite Scanner by Dell
CVE-2011-0329

Currently unrated

Key Information:

Vendor: Dell
Status: Dellsystemlite.scanner Activex Control
Vendor: CVE Published:; 21 February 2011

Summary

A directory traversal vulnerability exists in the GetData method of the DellSystemLite.Scanner ActiveX control. This flaw allows remote attackers to manipulate the fileID parameter, enabling them to access arbitrary files on the server. By leveraging this vulnerability, unauthorized users can exploit the system's file access controls, thereby exposing sensitive information stored on the affected machine.

References

http://secunia.com/secunia_research/2011-10/

x_refsource_MISC

http://www.securityfocus.com/bid/46443

vdb-entryx_refsource_BID

http://secunia.com/advisories/42880

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 21, 2011
Vulnerability Reserved
Jan 6, 2011