IBM Security Bulletin: Download of Code Without Integrity Check vulnerability in IBM Security AppScan Standard (CVE-2014-0904)
|
System information
|
| |
|
|
Affected software |
IBM |
Description
|
IBM Security AppScan Standard can be affected a vulnerability in the update process that could allow remote code injection. CVE(s): CVE-2014-0904 Affected product(s) and affected version(s): IBM Security AppScan Standard 8.8 IBM Security AppScan Standard 8.7 IBM Security AppScan Standard 8.6 IBM Rational AppScan Standard 8.5 IBM Rational AppScan Standard 8.0 IBM Rational AppScan Standard 7.9 Refer to the following reference URLs for remediation and additional vulnerability details:
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_download_of_code_without_integrity_check_vulnerability_in_ibm_security_appscan_standard_cve_2014_0904?lang=en_us |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2014-0904 ,CVE-2013-6724 ,CVE-2013-4002 ,CVE-2013-5825 ,CVE-2013-5372 ,CVE-2014-0416 ,CVE-2014-0411 ,CVE-2013-5907 and CVE-2014-0417. |
