Code Execution Vulnerability in IBM Rational AppScan Enterprise
CVE-2012-0736

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

Summary

IBM Rational AppScan Enterprise versions 5.x and 8.x prior to 8.5.0.1 contain a vulnerability that improperly creates scan jobs, potentially allowing remote attackers to execute arbitrary code by crafting a malicious website. This weakness could enable unauthorized access to sensitive information or compromise system integrity. Users are encouraged to upgrade to the latest version to mitigate potential risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74559

vdb-entryx_refsource_XF

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012