Skip to main content

IBM Raditional Appscan Products Two Vulnerabilities

Last Update Date: 7 Oct 2011 15:11 Release Date: 7 Oct 2011 6026 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Two vulnerabilities have been identified in IBM Rational AppScan, which can be exploited by malicious people to compromise a user's system.

  1. An unspecified error in the import functionality can be exploited via a specially crafted ZIP file.
    NOTE: This only affects the Enterprise and Reporting Console editions.

  2. An unspecified error in the load file functionality can be exploited via a specially crafted SCAN file.
    NOTE: This only affects the Standard and Express editions.

Successful exploitation of these vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening a malicious file.


Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Raditional Appscan 5.x
  • IBM Raditional Appscan 6.x
  • IBM Raditional Appscan 7.x
  • IBM Raditional Appscan 8.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link