Vulnerabilities > CVE-2012-0198 - Unspecified vulnerability in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow. CVE-2012-0198. Remote exploit fo... |
id | EDB-ID:18727 |
last seen | 2016-02-02 |
modified | 2012-04-10 |
published | 2012-04-10 |
reporter | metasploit |
source | https://www.exploit-db.com/download/18727/ |
title | IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 - ActiveX RunAndUploadFile Method Overflow |
Metasploit
description | This module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method where the "OtherFields" parameter with user controlled data is used to build a "Content-Disposition" header and attach contents in an insecure way which allows to overflow a buffer in the stack. |
id | MSF:EXPLOIT/WINDOWS/BROWSER/IBM_TIVOLI_PME_ACTIVEX_BOF |
last seen | 2020-06-07 |
modified | 2017-10-05 |
published | 2012-04-09 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0198 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb |
title | IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow |
Nessus
NASL family | Windows |
NASL id | TIVOLI_PROVISIONING_MANAGER_EXPRESS_ACTIVEX_RUNANDUPLOADFILE_BOF.NASL |
description | The remote host has the IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX control installed. This control fails to properly parse data supplied to the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 58389 |
published | 2012-03-19 |
reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/58389 |
title | IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile Method Boundary Error Remote Overflow |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/111680/ibm_tivoli_pme_activex_bof.rb.txt |
id | PACKETSTORM:111680 |
last seen | 2016-12-05 |
published | 2012-04-10 |
reporter | rgod |
source | https://packetstormsecurity.com/files/111680/IBM-Tivoli-Provisioning-Manager-Express-Overflow.html |
title | IBM Tivoli Provisioning Manager Express Overflow |
Saint
bid | 52252 |
description | Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability |
id | misc_tivolipmever |
osvdb | 79735 |
title | tivoli_prov_mgr_runanduploadfile |
type | client |