BID:50831

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Info

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Bugtraq ID:	50831
Class:	Input Validation Error
CVE:	CVE-2011-4532
Remote:	Yes
Local:	No
Published:	Nov 28 2011 12:00AM
Updated:	Jan 03 2012 09:50PM
Credit:	Luigi Auriemma
Vulnerable:	Siemens Automation License Manager 500.0.122 1

Not Vulnerable:

Discussion

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Siemens Automation License Manager is prone to an arbitrary-file-overwrite vulnerability.

Attackers can overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

Siemens Automation License Manager 500.0.122.1 is vulnerable; other versions may also be affected.

Exploit / POC

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

The discoverer of this issue has developed a working exploit. Please see the references for more information.

Solution / Fix

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Solution:
The vendor released an update. Please see the references for more information.

References

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

References:

Siemens Automation License Manager Page (Siemens)
Vulnerabilities in Siemens Automation License Manager (Luigi Auriemma)
Vulnerabilities in Siemens Automation License Manager (Luigi Auriemma)