| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 9.8 | $5k-$25k | 0.00 |
A vulnerability has been found in IBM Installation Manager up to 1.0 and classified as very critical. This vulnerability affects some unknown functionality of the file IBMIM.exe of the component Installation. The manipulation with an unknown input leads to a code injection vulnerability. The CWE definition for the vulnerability is CWE-94. The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.
The weakness was disclosed 10/01/2009 (Website). The advisory is shared for download at vupen.com. This vulnerability was named CVE-2009-3518. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 08/23/2021). It is expected to see the exploit prices for this product increasing in the near future.The MITRE ATT&CK project declares the attack technique as T1059.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 8880.
Product
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 9.8VulDB Meta Temp Score: 9.8
VulDB Base Score: 9.8
VulDB Temp Score: 9.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Code injectionCWE: CWE-94 / CWE-74 / CWE-707
ATT&CK: T1059
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
OpenVAS ID: 801011
OpenVAS Name: IBM Installation Manager URI Handling Argument Injection Vulnerability (Win)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Saint ID: exploit_info/ibm_installation_manager_iim_uri
Saint Name: IBM Installation Manager iim URI Handling Code Execution
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
Fortigate IPS: 🔍
Timeline
10/01/2009 🔍10/01/2009 🔍
10/01/2009 🔍
10/01/2009 🔍
10/28/2009 🔍
03/18/2015 🔍
08/23/2021 🔍
Sources
Vendor: ibm.comAdvisory: vupen.com⛔
Status: Not defined
CVE: CVE-2009-3518 (🔍)
Vulnerability Center: 23881 - IBM Installation Manager \x3C\x3D 1.3.2 IBMIM.exe URI Handler Arbitrary Code Execution Vulnerability, Medium
Entry
Created: 03/18/2015 15:15Updated: 08/23/2021 12:34
Changes: 03/18/2015 15:15 (56), 02/16/2017 10:04 (8), 08/23/2021 12:34 (3)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.