Sign-up

ID

VAR-201201-0029


CVE

CVE-2011-4532


TITLE

Siemens Automation License Manager 'almaxcx.dll' ActiveX Arbitrary File Overwrite Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2011-5100 // BID: 50831

DESCRIPTION

Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method. The Siemens Automation License Manager is the authorization manager program for Siemens software. The save method provided by the almaxcx.dll ActiveX control (ALMListView.ALMListCtrlE57AF4A2-EF57-41D0-8512-FECDA78F1FE7) allows any file name to be saved. The attacker constructs a malicious WEB page to entice the user to access it. file

Trust: 2.88

sources: NVD: CVE-2011-4532 // JVNDB: JVNDB-2012-001031 // CNVD: CNVD-2011-5100 // BID: 50831 // IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52477

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5100

AFFECTED PRODUCTS

vendor:siemensmodel:automation license managerscope:lteversion:5.1

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:500.0.1221

Trust: 0.9

vendor:siemensmodel:automation license managerscope:eqversion:2.0 to 5.1+sp1+upd2

Trust: 0.8

vendor:siemensmodel:automation license managerscope:eqversion:5.1

Trust: 0.6

vendor:automation license managermodel: - scope:eqversion:*

Trust: 0.4

sources: IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5100 // BID: 50831 // JVNDB: JVNDB-2012-001031 // CNNVD: CNNVD-201201-082 // NVD: CVE-2011-4532

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4532
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4532
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201201-082
value: MEDIUM

Trust: 0.6

IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-52477
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4532
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-52477
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52477 // JVNDB: JVNDB-2012-001031 // CNNVD: CNNVD-201201-082 // NVD: CVE-2011-4532

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-52477 // JVNDB: JVNDB-2012-001031 // NVD: CVE-2011-4532

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201111-483 // CNNVD: CNNVD-201201-082

TYPE

Path traversal

Trust: 1.0

sources: IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201201-082

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-001031

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-52477

PATCH
title:57252401url:http://support.automation.siemens.com/WW/llisapi.dll/57252401?func=ll&objId=57252401&objAction=csView&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=WW&load=content
Trust: 0.8
title:114358url:http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=114358&caller=view
Trust: 0.8
title:ソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx
Trust: 0.8
title:Top Pageurl:http://www.siemens.com/entry/jp/ja/
Trust: 0.8
title:Siemens Automation License Manager 'almaxcx.dll' ActiveX arbitrary file coverage vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/72715
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2011-5100 // 
            
            
            
            JVNDB: JVNDB-2012-001031

EXTERNAL IDS
db:NVDid:CVE-2011-4532
Trust: 3.2
db:ICS CERTid:ICSA-11-361-01
Trust: 2.5
db:BIDid:50831
Trust: 1.6
db:CNNVDid:CNNVD-201201-082
Trust: 1.1
db:CNVDid:CNVD-2011-5100
Trust: 0.8
db:JVNDBid:JVNDB-2012-001031
Trust: 0.8
db:CNNVDid:CNNVD-201111-483
Trust: 0.6
db:IVDid:65A1275C-1F7D-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:3D08CFFE-2354-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:EXPLOIT-DBid:18165
Trust: 0.1
db:SEEBUGid:SSVID-89651
Trust: 0.1
db:VULHUBid:VHN-52477
Trust: 0.1
sources:
            
            
            IVD: 65a1275c-1f7d-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 3d08cffe-2354-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2011-5100 // 
            
            
            
            VULHUB: VHN-52477 // 
            
            
            
            BID: 50831 // 
            
            
            
            JVNDB: JVNDB-2012-001031 // 
            
            
            
            CNNVD: CNNVD-201111-483 // 
            
            
            
            CNNVD: CNNVD-201201-082 // 
            
            
            
            NVD: CVE-2011-4532

REFERENCES
url:http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
Trust: 2.6
url:http://www.us-cert.gov/control_systems/pdf/icsa-11-361-01.pdf
Trust: 2.5
url:http://support.automation.siemens.com/ww/view/en/114358
Trust: 1.7
url:http://support.automation.siemens.com/ww/llisapi.dll/57252401?func=ll&objid=57252401&objaction=csview&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&load=content
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4532
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4532
Trust: 0.8
url:http://www.securityfocus.com/bid/50831
Trust: 0.6
url:http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&objid=17323948&tree
Trust: 0.3
url:/archive/1/520660
Trust: 0.3
url:http://support.automation.siemens.com/ww/llisapi.dll/57252401?func=ll&objid=57252401&objaction=csview&nodeid0=17323948&lang=en&siteid=cseus&aktprim=0&extranet=standard&viewreg=ww&load=content
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2011-5100 // 
            
            
            
            VULHUB: VHN-52477 // 
            
            
            
            BID: 50831 // 
            
            
            
            JVNDB: JVNDB-2012-001031 // 
            
            
            
            CNNVD: CNNVD-201111-483 // 
            
            
            
            CNNVD: CNNVD-201201-082 // 
            
            
            
            NVD: CVE-2011-4532

CREDITS
Luigi Auriemma
Trust: 0.9
sources:
            
            
            BID: 50831 // 
            
            
            
            CNNVD: CNNVD-201111-483

SOURCES
db:IVDid:65a1275c-1f7d-11e6-abef-000c29c66e3d
db:IVDid:3d08cffe-2354-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-5100
db:VULHUBid:VHN-52477
db:BIDid:50831
db:JVNDBid:JVNDB-2012-001031
db:CNNVDid:CNNVD-201111-483
db:CNNVDid:CNNVD-201201-082
db:NVDid:CVE-2011-4532

LAST UPDATE DATE
2024-08-14T14:34:35.774000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2011-5100date:2016-03-15T00:00:00
db:VULHUBid:VHN-52477date:2012-01-09T00:00:00
db:BIDid:50831date:2012-01-03T21:50:00
db:JVNDBid:JVNDB-2012-001031date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201111-483date:2011-11-30T00:00:00
db:CNNVDid:CNNVD-201201-082date:2012-01-11T00:00:00
db:NVDid:CVE-2011-4532date:2012-01-09T05:00:00

SOURCES RELEASE DATE
db:IVDid:65a1275c-1f7d-11e6-abef-000c29c66e3ddate:2011-12-05T00:00:00
db:IVDid:3d08cffe-2354-11e6-abef-000c29c66e3ddate:2012-01-11T00:00:00
db:CNVDid:CNVD-2011-5100date:2011-12-05T00:00:00
db:VULHUBid:VHN-52477date:2012-01-08T00:00:00
db:BIDid:50831date:2011-11-28T00:00:00
db:JVNDBid:JVNDB-2012-001031date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201111-483date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201201-082date:2012-01-11T00:00:00
db:NVDid:CVE-2011-4532date:2012-01-08T20:55:01.343