This host has IBM Installation Manager installed and is prone to Argument Injection vulnerability.

Successful exploitation will allow attackers to execute arbitrary code or compromise a user's system. Impact Level: Application/System

Upgrade to version 1.3.3 or later, http://www-01.ibm.com/software/awdtools/installmanager/support

The flaw is due to error in 'IBMIM.exe' when handling arguments received via an 'iim:' URI. This can be exploited to load an arbitrary library from a network share via a specially crafted '-vm' argument.

IBM Installation Manager 1.3.2 and prior on Windows.

• http://secunia.com/advisories/36906
• http://www.vupen.com/english/advisories/2009/2792

---

Updated on 2017-03-28