Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0736

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0736
Last Modified 14 Feb 2013 11:53:55
Published 03 May 2012 12:08:25
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0736

Summary

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site.

Vulnerable Systems

Application

  • Ibm Rational Appscan 5.2

  • Ibm Rational Appscan 5.4

  • Ibm Rational Appscan 5.5.0

  • Ibm Rational Appscan 5.5.0.1

  • Ibm Rational Appscan 5.5.0.2

  • Ibm Rational Appscan 5.6.0

  • Ibm Rational Appscan 5.6.0.3

  • Ibm Rational Appscan 8.0.0

  • Ibm Rational Appscan 8.0.0.1

  • Ibm Rational Appscan 8.0.0.2

  • Ibm Rational Appscan 8.0.0.3

  • Ibm Rational Appscan 8.0.1

  • Ibm Rational Appscan 8.0.1.1

  • Ibm Rational Appscan 8.5.0

  • Ibm Rational Appscan 8.5.0.0


References

XF - ae-platformauth-code-execution(74559)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21592188

SECUNIA - 48968

SECUNIA - 48967

BID - 53247


Last Updated: 27 May 2016 10:49:36