Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host has an ActiveX control that is affected by an arbitrary
file overwrite vulnerability.

Description :

The almaxcx.dll ActiveX control installed on the remote host is affected
by an arbitrary file overwrite vulnerability. The flaw can be triggered
by passing an absolute path to the control's Save() method from a
specially crafted HTML document.

See also :

http://www.nessus.org/u?177b6448

Solution :

Upgrade to Siemens Automation License Manager 5.1+SP1+Upd3 or
higher.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 63429

Bugtraq ID: 50831

CVE ID: CVE-2011-4532