Argument Injection Vulnerability in IBM Installation Manager Affecting IBM Rational Products
CVE-2009-3518
Currently unrated
What is CVE-2009-3518?
The vulnerability allows remote attackers to exploit the iim: URI handler within IBM Installation Manager, enabling them to load arbitrary DLL files using the -vm option. This can be accomplished by referencing a UNC share pathname, posing a significant risk to the security of IBM Rational products like Rational Robot and Rational Team Concert. Attackers utilize this weakness to execute malicious software, potentially leading to unauthorized actions on affected systems.