Multiple IBM Products CVE-2013-0512 Stack Buffer Overflow Vulnerability

Bugtraq ID:	58690
Class:	Boundary Condition Error
CVE:	CVE-2013-0512
Remote:	Yes
Local:	No
Published:	Mar 25 2013 12:00AM
Updated:	Mar 25 2013 12:00AM
Credit:	IBM
Vulnerable:	IBM Rational Policy Tester 8.5.0.1 IBM Rational Policy Tester 8.5 IBM Rational AppScan Enterprise 8.5.0.1 IBM Rational AppScan Enterprise 8.0.1.1 IBM Rational AppScan Enterprise 8.0.1 IBM Rational AppScan Enterprise 8.0.0.1 IBM Rational AppScan Enterprise 8.0.0
Not Vulnerable:

Multiple IBM Products CVE-2013-0512 Stack Buffer Overflow Vulnerability

Multiple IBM products are prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

The following product versions are affected:

Rational AppScan Enterprise versions 8.0 through 8.6.0.2
Rational Policy Tester versions 8.0 through 8.5.0.3

Multiple IBM Products CVE-2013-0512 Stack Buffer Overflow Vulnerability

An attacker can exploit this issue using a web browser.

Multiple IBM Products CVE-2013-0512 Stack Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Multiple IBM Products CVE-2013-0512 Stack Buffer Overflow Vulnerability

References:

• IBM Homepage (IBM)
  
• Rational AppScan Enterprise Homepage (IBM)