All the vulnerabilites related to ibm - infosphere_import_export_manager
cve-2012-0204
Vulnerability from cvelistv5
Published
2013-01-31 11:00
Modified
2024-08-06 18:16
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/73255 | vdb-entry, x_refsource_XF | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21623501 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "infosphere-is-dll-code-execution(73255)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73255"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers \u0026 Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "infosphere-is-dll-code-execution(73255)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73255"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-0204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers \u0026 Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "infosphere-is-dll-code-execution(73255)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73255"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-0204",
"datePublished": "2013-01-31T11:00:00",
"dateReserved": "2011-12-14T00:00:00",
"dateUpdated": "2024-08-06T18:16:19.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-01-31 12:06
Modified
2024-11-21 01:34
Severity ?
Summary
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A85A0D3-1941-4F6B-8787-286A009440DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "915337FC-0BFD-44FB-A7D2-765E1422DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "276EFD18-CD4A-4F1A-AAF2-953F22B075DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEC85B5-BFB8-4B07-8F63-0752C94E58FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27BE8D08-C377-4248-ADB7-69962F5D2C3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_import_export_manager:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E47D3B91-D36A-4F16-9874-41376887B6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "317FAE67-76E2-4084-9393-8A02D255BAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7096B4-291F-49BB-8DBC-E67AC901CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D547E88D-FE3F-4C90-B7D8-301A1449E9AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5585D2C4-6575-4469-A6EF-CCDC3A0BEDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "42A9CF5C-79EC-4BBF-92AF-2AB3DC125684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BF0A4B-5DDB-420D-B1F2-8C1ED23F60CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server_metabrokers_\\\u0026_bridges:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D571DC-7829-4F9C-A959-36E586B4C7C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers \u0026 Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en el Import Export Manager v8.1 hasta v9.1 en InfoSphere Information Server MetaBrokers \u0026 Bridges (MBB) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, v8.7, y v9.1 permite a usuarios locales ganar privielgios mediante un troyano DLL en el directorio actual de trabajo."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426 Untrusted Search Path\u0027",
"evaluatorImpact": "Per: http://www-01.ibm.com/support/docview.wss?uid=swg21623501\r\n\r\n\"CVSS Base Score: 9.3 / CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)\r\n\r\na malicious user who has access to a machine with the Import Export Manager installed could execute arbitrary commands in the context of any user who accesses the Import Export Manager application. \"",
"id": "CVE-2012-0204",
"lastModified": "2024-11-21T01:34:34.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-31T12:06:17.707",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21623501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73255"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}