OSVDB ID: 80876

Title: IBM Cognos TM1 Admin Server Component Request Parsing Overflow

Info

Dates

Disclosure: Apr 02, 2012
Discovery: Unknown
Exploit: Jan 08, 2013
Solution: Apr 02, 2012

Description

IBM Cognos TM1 is prone to an overflow condition. The admin server component fails to properly sanitize user-supplied input, resulting in a buffer overflow. With a specially crafted request, a remote attacker can potentially execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Vendor Verified, Third-party Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

IBM Corporation

Cognos TM1

9.4.1
9.5.1
9.5.2

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/80876