Unrestricted File Upload Vulnerability in IBM Rational AppScan Enterprise
CVE-2012-0729

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

Summary

An unrestricted file upload vulnerability exists in IBM Rational AppScan Enterprise versions 5.x and 8.x prior to 8.5.0.1. This flaw allows remote authenticated users to upload malicious .aspx files, which can then be executed to run arbitrary ASP.NET code. Exploitation of this vulnerability can occur through unspecified paths, compromising the integrity of the application and potentially leading to unauthorized access and execution of code.

References

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/74366

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012