Stack-based Buffer Overflow in IBM Tivoli Provisioning Manager Express
CVE-2012-0198

Currently unrated

Key Information:

Vendor
IBM
Status
Tivoli Provisioning Manager Express For Software Distribution
Vendor
CVE Published:
6 March 2012

Summary

A stack-based buffer overflow vulnerability exists in the RunAndUploadFile method of the Isig.isigCtl.1 ActiveX control within IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. This flaw allows remote attackers to execute arbitrary code by exploiting certain vectors related to an Asset Information file, potentially compromising the affected system's integrity.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-040/
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/73033
vdb-entryx_refsource_XF

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.