Severity: : Critical
  CVE Kennungen: : CVE-2011-1220

  DESCRIPTION

Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004681
  Trend Micro Deep Security DPI Rule Name: 1004681 - IBM Tivoli Management Framework 'opts' Argument Stack Buffer Overflow Vulnerability

  AFFECTED SOFTWARE AND VERSION:

  • ibm tivoli_management_framework 3.7.1
  • ibm tivoli_management_framework 4.1
  • ibm tivoli_management_framework 4.1.1
  • ibm tivoli_management_framework 4.3.1