CVE-2011-1220
IBM Tivoli Management Framework - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
Exploits (2)
metasploit
WORKING POC
GOOD
by bannedit · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ibm_tivoli_endpoint_bof.rb
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17392
References (8)
Scores
EPSS
0.6537
EPSS Percentile
98.5%
Classification
CWE
CWE-119
Status
draft
Affected Products (4)
ibm/tivoli_management_framework
ibm/tivoli_management_framework
ibm/tivoli_management_framework
ibm/tivoli_management_framework
Timeline
Published
Jun 02, 2011
Tracked Since
Feb 18, 2026