- Description
- Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_provisioning_manager_express_for_software_distribution:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A039B9D-4EFA-44FD-8986-2BE0FFB0C5E0"
}
],
"operator": "OR"
}
]
}
]