BID:51267

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

Info

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

Bugtraq ID:	51267
Class:	Boundary Condition Error
CVE:	CVE-2011-4056
Remote:	Yes
Local:	No
Published:	Jan 04 2012 12:00AM
Updated:	Jan 04 2012 12:00AM
Credit:	Kuang-Chun Hung
Vulnerable:	Siemens Tecnomatix FactoryLink 6.6.1 Siemens Tecnomatix FactoryLink 8.0.2.54 Siemens Tecnomatix FactoryLink 7.5.217

Not Vulnerable:

Discussion

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

Siemens Tecnomatix FactoryLink ActiveX is prone to an arbitrary-file-overwrite vulnerability.

Attackers can save and overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

The following Siemens Tecnomatix FactoryLink versions are vulnerable:
V8.0.2.54
V7.5.217 (V7.5 SP2)
V6.6.1 (V6.6 SP1)

Exploit / POC

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

Solution:
The vendor has released a patch. Please see the references for details.

References

Siemens Tecnomatix FactoryLink ActiveX Arbitrary File Overwrite Vulnerability

References:

Siemens Tecnomatix FactoryLink Homepage (Siemens)
V ICSA-11-343-01�??SIEMENS FACTORYLINK MULTIPLE ACTIVEX VULNERABILITIES (US-CERT)