Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability

Added: 04/13/2012
CVE: CVE-2012-0198
BID: 52252
OSVDB: 79735

Background

Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution.

Problem

A buffer overflow vulnerability in the RunAndUploadFile method of the Isig.isigCtl.1 ActiveX control allows an attacker to execute arbitrary code with the privileges of the browsing user when that user loads a specially crafted web page in Internet Explorer.

Resolution

Set the kill bit on the ActiveX control with class ID 84B74E82-3475-420E-9949-773B4FB91771 as described in Microsoft Knowledge Base Article 240797.
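The following PowerShell script is an added example, not part of the original entry or of the vendor's guidance; it applies the kill bit described above to the CLSID from this entry, following the registry layout documented in KB 240797 ("Compatibility Flags" DWORD with bit 0x400 under the ActiveX Compatibility key), and reports whether the control is registered at all. It assumes the control is registered in the standard COM locations (HKCR\CLSID\{CLSID} and the HKCR\Isig.isigCtl.1 ProgID key) and must be run from an elevated prompt.

```powershell
# Added example: set and verify the Internet Explorer kill bit for Isig.isigCtl.1.
# Not from the original advisory. Run from an elevated PowerShell prompt.

$Clsid   = '{84B74E82-3475-420E-9949-773B4FB91771}'
$KillBit = 0x400   # COMPAT_EVIL_DONT_LOAD, per KB 240797

# 32-bit IE on 64-bit Windows reads the Wow6432Node view, so include it only
# where that view exists (it does not on a 32-bit install such as XP SP3 x86).
$CompatPaths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid")
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $CompatPaths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
}

function Get-IsigRegistration {
    # Reports whether the control is registered, by CLSID and by ProgID (assumed standard COM layout).
    $clsidKey  = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    $progIdKey = 'Registry::HKEY_CLASSES_ROOT\Isig.isigCtl.1\CLSID'
    [pscustomobject]@{
        ClsidRegistered = Test-Path $clsidKey
        ProgIdClsid     = if (Test-Path $progIdKey) { (Get-ItemProperty $progIdKey).'(default)' } else { $null }
        InprocServer32  = if (Test-Path "$clsidKey\InprocServer32") {
                              (Get-ItemProperty "$clsidKey\InprocServer32").'(default)'
                          } else { $null }
    }
}

function Test-IsigKillBit {
    # $true only if every applicable compatibility key carries the kill bit.
    $results = foreach ($path in $CompatPaths) {
        if (-not (Test-Path $path)) { $false; continue }
        $flags = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        [bool]([int]$flags -band $KillBit)
    }
    -not ($results -contains $false)
}

function Set-IsigKillBit {
    foreach ($path in $CompatPaths) {
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        $current = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        # OR the kill bit into any existing flags instead of overwriting them.
        $new = [int]$current -bor $KillBit
        Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $new -Type DWord
    }
}

Get-IsigRegistration | Format-List
if (Test-IsigKillBit) {
    'Kill bit already set for {0}' -f $Clsid
} else {
    Set-IsigKillBit
    'Kill bit set for {0}: {1}' -f $Clsid, (Test-IsigKillBit)
}
```

The kill bit applies to Internet Explorer processes started after the change, so restart any open browser windows before re-testing. Setting it is harmless on hosts where the control is not installed, which makes the script suitable for fleet-wide deployment while the product is being patched.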

References

http://www.zerodayinitiative.com/advisories/ZDI-12-040/

Limitations

Exploit works on Tivoli Provisioning Manager Express V4.1.1 on Microsoft Windows XP SP3 English (DEP OptIn) and requires a user to load the exploit page in Internet Explorer 8.

Platforms

Windows
