CVE-2012-0198

IBM Tivoli Provisioning Manager Express 4.1.1 - Stack-Based Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-0198. PoCs published by Metasploit, Andrea Micalizzi aka rgod, juan vazquez, sinn3r, including Metasploit module exploits/windows/browser/ibm_tivoli_pme_activex_bof.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow vulnerability in the IBM Tivoli Provisioning Manager Express for Software Distribution ActiveX control via the 'RunAndUploadFile' method. It achieves remote code execution by overflowing a stack buffer with user-controlled data passed through the 'OtherFields' parameter.

Description

Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/18727

This Metasploit module exploits a buffer overflow vulnerability in the IBM Tivoli Provisioning Manager Express for Software Distribution ActiveX control via the 'RunAndUploadFile' method. It achieves remote code execution by overflowing a stack buffer with user-controlled data passed through the 'OtherFields' parameter.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1
No auth needed
Prerequisites: Victim must use Internet Explorer 6-8 on Windows XP SP3 · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by Andrea Micalizzi aka rgod, juan vazquez, sinn3r · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb

This Metasploit module exploits a buffer overflow vulnerability in the IBM Tivoli Provisioning Manager Express for Software Distribution ActiveX control via the 'RunAndUploadFile' method. The exploit uses a heap spray technique to achieve remote code execution on vulnerable systems.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1
No auth needed
Prerequisites: Victim must visit a malicious webpage · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-12-040/
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73033

Scores

EPSS: 0.3695
EPSS Percentile: 98.3%

Details

Status: published
Products (1): ibm/tivoli_provisioning_manager_express_for_software_distribution 4.1.1
Published: Mar 06, 2012
Tracked Since: Feb 18, 2026