Intrusion Prevention

NII.Framework.Multiple.ActiveX.Arbitrary.File.Creation

Description

This indicates an attack attempt to exploit a Remote File Creation vulnerability in the National Instruments Installer Framework.
The vulnerability, which is located in multiple ActiveX controls shipped as a part of the product, can be exploited through misuse of a vulnerable method. It may allow remote attackers to create arbitrary files with attacker-controlled contents on a targeted machine, using the affected ActiveX control.

Affected Products

National Instruments Installer Framework 1.1

Impact

System Compromise: Remote attackers can execute arbitrary code on vulnerable systems.

Recommended Actions

Apply patch available from the website.
http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument

CVE References

CVE-2013-5021