Arbitrary Code Execution via Topaz Systems SigPlus Pro ActiveX Control

Arbitrary Code Execution via Topaz Systems SigPlus Pro ActiveX Control

CVE-2011-0323 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) SigMessage methods to create arbitrary files with arbitrary content.

Learn more about our Cis Benchmark Audit For Ibm Z System.