AutoFORM PDM Archive contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application.
According to AutoFORM's website AutoFORM PDM Archive is a comprehensive output management solution that encompasses document creation, design and electronic distribution with a fully integrated online document archiving and viewing system. AutoFORM PDM Archive software contains multiple vulnerabilities.
CWE-648: Incorrect Use of Privileged APIs CVE-2012-1827:
A remote unauthenticated attacker may obtain sensitive information, cause a denial of service condition or execute arbitrary code with the privileges of the application.
Apply an Update
Thanks to David Elze of Daimler TSS GmbH for reporting this vulnerability.
This document was written by Michael Orlando.