HP Application Lifecycle Management (ALM) is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable dashboard.
XGO.ocx ActiveX control in HP Application Lifecycle Management exposes an insecure method, CopyToFile, which allows an attacker to create and overwrite files on the system of the user invoking the control. A remote attacker who persuades a user to visit a specially crafted web page could execute arbitrary code in the context of the process.
Upgrade when HP provides one. In the interim, access to the HP Application Lifecycle Management service should be restricted to trusted machines.
This exploit has been tested against HP Lifecycle Management ActiveX 11.50.777.0 on Microsoft Windows XP SP3 English (DEP OptIn).
The user must open the exploit page in Internet Explorer.
The target machine must reboot after the exploit script runs in order to open the shell connection.