Vulnerabilities > CVE-2012-0729 - Multiple Security vulnerability in IBM Rational Products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
ibm
Summary
Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and then accessing it via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/434.html 'Unrestricted Upload of File with Dangerous Type'