CVE-2011-0330

Name of the Vulnerable Software and Affected Versions DellSystemLite.ocx version 1.0.0.0

Description The issue allows remote attackers to execute arbitrary WMI Query Language (WQL) statements via a crafted value of the WMIAttributesOfInterest property. This can be used to disclose information about installed software.

Recommendations For DellSystemLite.ocx version 1.0.0.0, consider restricting the values of the WMIAttributesOfInterest property to prevent the execution of arbitrary WQL statements. As a temporary workaround, consider disabling the use of the WMIAttributesOfInterest property until a patch is available.