Argument Injection Vulnerability in IBM Installation Manager Affecting IBM Rational Products
CVE-2009-3518

Currently unrated

Key Information:

Vendor

IBM
Status
Installation Manager
Vendor
CVE Published:
1 October 2009

What is CVE-2009-3518?

The vulnerability allows remote attackers to exploit the iim: URI handler within IBM Installation Manager, enabling them to load arbitrary DLL files using the -vm option. This can be accomplished by referencing a UNC share pathname, posing a significant risk to the security of IBM Rational products like Rational Robot and Rational Team Concert. Attackers utilize this weakness to execute malicious software, potentially leading to unauthorized actions on affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/2792
vdb-entryx_refsource_VUPEN
http://retrogod.altervista.org/9sg_ibm_uri.html
x_refsource_MISC
http://secunia.com/advisories/36906
third-party-advisoryx_refsource_SECUNIA

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.