Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability
Medium Nessus Plugin ID 63429
SynopsisThe remote host has an ActiveX control that is affected by an arbitrary file overwrite vulnerability.
DescriptionThe remote host has the almaxcx.dll ActiveX control that is affected by an arbitrary file overwrite vulnerability that can be triggered by providing an absolute path when calling the control's Save() method in a specially crafted HTML document.
SolutionUpgrade to Siemens Automation License Manager 5.1+SP1+Upd3 or higher.