CVE-2013-0513

Published: Mar 29, 2013Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 create a service that lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program, related to an "Unquoted Service Path Enumeration" vulnerability.

Affected (22)

Products: Ibm: Security Appscan, Rational Policy Tester

Ibm

2 products

Security Appscan

Rational Policy Tester

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Appscan	Version 5.6.0.0
Ibm Security Appscan	Version 8.0.0.0
Ibm Security Appscan	Version 8.0.0.1
Ibm Security Appscan	Version 8.0.0.2
Ibm Security Appscan	Version 8.0.1.0
Ibm Security Appscan	Version 8.0.1.1
Ibm Security Appscan	Version 8.0.11
Ibm Security Appscan	Version 8.5.0.0
Ibm Security Appscan	Version 8.5.0.1
Ibm Security Appscan	Version 8.6.0.0
Ibm Security Appscan	Version 8.6.0.1
Ibm Security Appscan	Version 8.6.0.2

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Policy Tester	Version 5.6.0.0
Ibm Rational Policy Tester	Version 8.0.0.0
Ibm Rational Policy Tester	Version 8.0.0.1
Ibm Rational Policy Tester	Version 8.0.0.2
Ibm Rational Policy Tester	Version 8.0.1.0
Ibm Rational Policy Tester	Version 8.0.1.1
Ibm Rational Policy Tester	Version 8.5.0.0
Ibm Rational Policy Tester	Version 8.5.0.1
Ibm Rational Policy Tester	Version 8.5.0.2
Ibm Rational Policy Tester	Version 8.5.0.3