ID |
CVE-2012-0198
|
Summary |
Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 9.3 (as of 29-08-2017 - 01:30) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
saint
via4
|
bid | 52252 | description | Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability | id | misc_tivolipmever | osvdb | 79735 | title | tivoli_prov_mgr_runanduploadfile | type | client |
|
Last major update |
29-08-2017 - 01:30 |
Published |
06-03-2012 - 04:18 |
Last modified |
29-08-2017 - 01:30 |