Novell ZENworks AdminStudio LaunchHelp ActiveX Arbitrary Code Execution Exploit

This module allows remote attackers to place arbitrary files on a temporary folder in Novel ZENWorks AdminStudio, through a vulnerability in LaunchHelp.dll ActiveX Control (LaunchHelp.dll version 9.5.0.0). Code execution is achieved by uploading and executing a vbs script which then requests and executes Impact's binary agent.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2011-2657
Product Version: 
12.5
Released Date: 
Tuesday, November 13, 2012 - 00:00