IBM Rational Developer for System z Unspecified Arbitrary Command Execution Vulnerability

Bugtraq ID:	58280
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 21 2013 12:00AM
Updated:	Feb 21 2013 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	IBM Rational Developer for System z 8.5.1
Not Vulnerable:

IBM Rational Developer for System z Unspecified Arbitrary Command Execution Vulnerability

IBM Rational Developer for System z is prone to an unspecified arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.

An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application.

IBM Rational Developer for System z 8.5.1 is vulnerable; other versions may also be affected.

IBM Rational Developer for System z Unspecified Arbitrary Command Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

IBM Rational Developer for System z Unspecified Arbitrary Command Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

IBM Rational Developer for System z Unspecified Arbitrary Command Execution Vulnerability

References:

• IBM Homepage (IBM)
  
• Rational Developer for System z Homepage (IBM)
  
• V8.5.1: UK91676 PTF for Rational Developer for System z Host Options (IBM)