11 matches found
CVE-2016-8563
Siemens Automation License Manager ALM before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service ALM service outage via crafted packets to TCP port 4410...
Sql injection
SQL injection vulnerability in Siemens Automation License Manager ALM before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410...
Design/Logic Flaw
Siemens Automation License Manager ALM before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service ALM service outage via crafted packets to TCP port 4410...
Information disclosure
Siemens Automation License Manager ALM before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets...
Memory corruption
Memory leak in Siemens Automation License Manager ALM 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service memory consumption via crafted packets...
KLA10084 DoS vulnerability in Siemens ALM
A memory leak was found in Siemens ALM. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed packets. Original advisories Siemens bulletin Related products Automation-License-Manager CVE list CVE-2012-469...
CVE-2011-4532
Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager ALM 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method...
CVE-2011-4531
Siemens Automation License Manager ALM 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted content in a 1 gettargetocxparam or 2 sendtargetocxparam command...
Design/Logic Flaw
Siemens Automation License Manager ALM 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service exception and daemon crash via long fields, as demonstrated by fields to the 1 opensession-workstation-NAME or 2...
CVE-2011-4531
Siemens Automation License Manager ALM 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via crafted content in a 1 gettargetocxparam or 2 sendtargetocxparam command...
CVE-2011-4529
Multiple buffer overflows in Siemens Automation License Manager ALM 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an licensekey command, as demonstrated by the 1 checklicensekey or 2 readlicensekey command...