← back
CVE-2009-3518

CVE-2009-3518

EPSS 5.5%
Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/9802unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://retrogod.altervista.org/9sg_ibm_uri.htmlhttp://secunia.com/advisories/36906http://www.vupen.com/english/advisories/2009/2792