Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3518
HistoryOct 01, 2009 - 3:30 p.m.

CVE-2009-3518

2009-10-0115:30:00
CWE-94
[email protected]
web.nvd.nist.gov
5

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.019

Percentile

88.7%

JSON

Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.

Affected configurations

Nvd
Node
ibminstallation_managerRange1.3.2
OR
ibminstallation_managerMatch1.0
OR
ibminstallation_managerMatch1.2.1
OR
ibminstallation_managerMatch1.3.0
OR
ibminstallation_managerMatch1.3.1
VendorProductVersionCPE
ibminstallation_manager*cpe:2.3:a:ibm:installation_manager:*:*:*:*:*:*:*:*
ibminstallation_manager1.0cpe:2.3:a:ibm:installation_manager:1.0:*:*:*:*:*:*:*
ibminstallation_manager1.2.1cpe:2.3:a:ibm:installation_manager:1.2.1:*:*:*:*:*:*:*
ibminstallation_manager1.3.0cpe:2.3:a:ibm:installation_manager:1.3.0:*:*:*:*:*:*:*
ibminstallation_manager1.3.1cpe:2.3:a:ibm:installation_manager:1.3.1:*:*:*:*:*:*:*

Related

saint 4
prion 1
cvelist 1
openvas 2
exploitdb 1
cve 1
saint
saint
IBM Installation Manager iim URI Handling Code Execution
2009-10-16 00:00:00
IBM Installation Manager iim URI Handling Code Execution
2009-10-16 00:00:00
IBM Installation Manager iim URI Handling Code Execution
2009-10-16 00:00:00
prion
prion
Design/Logic Flaw
2009-10-01 15:30:00
cvelist
cvelist
CVE-2009-3518
2009-10-01 15:00:00
openvas
openvas
IBM Installation Manager URI Handling Argument Injection Vulnerability (Windows)
2009-10-12 00:00:00
IBM Installation Manager URI Handling Argument Injection Vulnerability - Windows
2009-10-12 00:00:00
exploitdb
exploitdb
IBM Installation Manager 1.3.0 - 'iim://' URI handler
2009-09-29 00:00:00
cve
cve
CVE-2009-3518
2009-10-01 15:30:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.019

Percentile

88.7%

JSON
Related for NVD:CVE-2009-3518
saint4prion1cvelist1openvas2exploitdb1cve1