CVE-2012-0198

EUVD-2012-0236
Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
ibmtivoli_provisioning_manager_express_for_software_distribution
4.1.1
𝑥
= Vulnerable software versions
References
http://www.zerodayinitiative.com/advisories/ZDI-12-040/
https://exchange.xforce.ibmcloud.com/vulnerabilities/73033
http://www.zerodayinitiative.com/advisories/ZDI-12-040/
https://exchange.xforce.ibmcloud.com/vulnerabilities/73033