
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability

2012-04-13 00:00:00
SAINT Corporation
download.saintcorporation.com

EPSS

0.966

Percentile

99.7%

Added: 04/13/2012
CVE: CVE-2012-0198
BID: 52252
OSVDB: 79735

Background

Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution.

Problem

A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control allows arbitrary command execution when a user loads a specially crafted web page.

Resolution

Set the kill bit on the ActiveX control with class ID 84B74E82-3475-420E-9949-773B4FB91771 as described in Microsoft Knowledge Base Article 240797.
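As an added example (not part of the SAINT advisory), the following PowerShell applies the KB 240797 kill-bit procedure to the CLSID above and verifies the result; the registry path and the 0x400 Compatibility Flags value come from that article, while the function names and the Wow6432Node handling for 64-bit hosts are my own. It must run from an elevated prompt.

```powershell
# Added example: set and verify the Internet Explorer kill bit for the
# Isig.isigCtl.1 control's CLSID (from the advisory), per KB 240797.
# Bit 0x400 in "Compatibility Flags" tells IE never to instantiate the control.
$Clsid   = '{84B74E82-3475-420E-9949-773B4FB91771}'
$KillBit = 0x400

# 32-bit IE on 64-bit Windows reads the Wow6432Node view, so cover both hives.
$Paths = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if ([Environment]::Is64BitOperatingSystem) {
    $Paths += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Test-KillBit {
    # Returns $true only if the key exists and the 0x400 bit is present.
    param([string]$BasePath, [string]$Clsid)
    $key   = Join-Path $BasePath $Clsid
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                  -ErrorAction SilentlyContinue).'Compatibility Flags'
    return ($null -ne $flags) -and (($flags -band $KillBit) -ne 0)
}

function Set-KillBit {
    # ORs the kill bit into any flags already set rather than overwriting them.
    param([string]$BasePath, [string]$Clsid)
    $key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                     -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = [int]$existing -bor $KillBit          # [int]$null is 0
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
}

foreach ($p in $Paths) {
    if (Test-KillBit $p $Clsid) {
        Write-Output "Kill bit already set under $p"
    } else {
        Set-KillBit $p $Clsid
        Write-Output ("Kill bit set under {0}; verified: {1}" -f $p, (Test-KillBit $p $Clsid))
    }
}
```

Test-KillBit can also be run on its own as an audit check across hosts, since it only reads the registry.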

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-040/>

Limitations

Exploit works on Tivoli Provisioning Manager Express V4.1.1 on Microsoft Windows XP SP3 English (DEP OptIn) and requires a user to load the exploit page in Internet Explorer 8.

Platforms

Windows