This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature will detect attempts to exploit a remote command execution vulnerability in IBM Installation Manager.
IBM Installation Manager is an application that allows users to install, update, modify, or uninstall applications.
Installation Manager is prone to a remote code-execution vulnerability because the application fails to handle specially crafted 'iim://' URIs. Specifically, when exploited through Internet Explorer, it's possible to specify an extra command-line argument to the URI.
Attackers could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.
The following products that include Installation Manager are vulnerable:
IBM Rational Robot
IBM Rational Team Concert
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: firstname.lastname@example.org.