3 matches found
CVE-2014-6134
CVE-2014-6134 affects IBM Rational ClearCase 8.0.0 prior to 8.0.0.14 and 8.0.1 prior to 8.0.1.7. During installation, when using Installation Manager before 1.8.2, the installer retains server passwords in cleartext in process memory, enabling a local attacker with access to the installation acco...
CVE-2009-3518
CVE-2009-3518 describes an argument injection vulnerability in the IBM Installation Manager (IIM) URI handler (IBMIM.exe) used by IBM Rational Robot and Rational Team Concert. The iim:// URI scheme handler can be manipulated via the -vm option to load an arbitrary DLL, with a demonstration involv...
CVE-2015-7442
The CVE-2015-7442 issue affects IBM Installation Manager (and IBM Packaging Utility) scripts, notably consoleinst.sh, with a local privilege escalation via a race condition in /tmp. An attacker could place a Trojan horse executable named based on a predictable PID value to run with administrator/...