VYPR
Unrated severityNVD Advisory· Published Mar 26, 2014· Updated Jun 17, 2026

CVE-2014-0904

CVE-2014-0904

Description

The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file.

Affected products

7
  • cpe:2.3:a:ibm:security_appscan:7.9:-:standard:*:*:*:*:*+ 5 more
    • cpe:2.3:a:ibm:security_appscan:7.9:-:standard:*:*:*:*:*
    • cpe:2.3:a:ibm:security_appscan:8.0:-:standard:*:*:*:*:*
    • cpe:2.3:a:ibm:security_appscan:8.5:-:standard:*:*:*:*:*
    • cpe:2.3:a:ibm:security_appscan:8.6:-:standard:*:*:*:*:*
    • cpe:2.3:a:ibm:security_appscan:8.7:-:standard:*:*:*:*:*
    • cpe:2.3:a:ibm:security_appscan:8.8:-:standard:*:*:*:*:*
  • Range: >=7.9, <=8.8

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.