CVE-2009-3518

Currently unrated

Key Information:

Vendor
IBM
Status
Installation Manager
Vendor
CVE Published:
1 October 2009

Summary

Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.

References

http://www.vupen.com/english/advisories/2009/2792
vdb-entryx_refsource_VUPEN
http://retrogod.altervista.org/9sg_ibm_uri.html
x_refsource_MISC
http://secunia.com/advisories/36906
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.