Utvrđene su dvije ranjivosti proizvoda HP Application Lifecycle Management 11.x koje udaljeni napadač može iskoristiti za pokretanje proizvoljnog programskog koda i pregled/prepisivanje proizvoljnih datoteka.

HP Application Lifecycle Management XGO.ocx Two Vulnerabilities
Secunia Advisory 	SA50403 	
Release Date 	2012-08-30
Criticality level 	Highly criticalHighly critical
Impact 	System access
Where 	From remote
Authentication level 	Available in Customer Area
  	 
Report reliability 	Available in Customer Area
Solution Status 	Unpatched
  	 
Systems affected 	Available in Customer Area
Approve distribution 	Available in Customer Area
Remediation status 	Secunia VIM
  	 
Software:	
	HP Application Lifecycle Management 11.x

Secunia CVSS Score 	Available in Customer Area
CVE Reference(s) 	No CVE references.

	   	

Description

Two vulnerabilities have been reported in HP Application Lifecycle Management, which can be exploited by malicious people to compromise a user's system.

1) A type confusion error in the "SetShapeNodeType()" method within the XGO.ocx ActiveX control can be exploited to access user-specified data as an object.

2) The unsafe "CopyToFile()" method within the XGO.ocx ActiveX control allows creating and overwriting arbitrary files.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Solution
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by
Andrea Micalizzi aka rgod via ZDI.