Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0735

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2012-0735
Last Modified 14 Feb 2013 11:53:55
Published 03 May 2012 12:08:25
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2012-0735

Summary

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly scan file: URLs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified other impact via a crafted URI.

Vulnerable Systems

Application

  • Ibm Rational Appscan 5.2

  • Ibm Rational Appscan 5.4

  • Ibm Rational Appscan 5.5.0

  • Ibm Rational Appscan 5.5.0.1

  • Ibm Rational Appscan 5.5.0.2

  • Ibm Rational Appscan 5.6.0

  • Ibm Rational Appscan 5.6.0.3

  • Ibm Rational Appscan 8.0.0

  • Ibm Rational Appscan 8.0.0.1

  • Ibm Rational Appscan 8.0.0.2

  • Ibm Rational Appscan 8.0.0.3

  • Ibm Rational Appscan 8.0.1

  • Ibm Rational Appscan 8.0.1.1

  • Ibm Rational Appscan 8.5.0

  • Ibm Rational Appscan 8.5.0.0


References

XF - ae-fileuri-info-disclosure(74558)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21592188

SECUNIA - 48968

SECUNIA - 48967

BID - 53247


Last Updated: 27 May 2016 10:49:36