CVE-2012-0204

Name of the Vulnerable Software and Affected Versions InfoSphere Information Server versions 8.1 through 9.1 InfoSphere Import Export Manager versions 8.1 through 9.1 InfoSphere Information Server version 8.5 before FP3 InfoSphere Information Server version 8.7

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory due to an untrusted search path vulnerability in InfoSphere Import Export Manager in IBM InfoSphere Information Server.

Recommendations For InfoSphere Information Server versions 8.1 through 9.1, update to a version that includes the fix for this issue. For InfoSphere Import Export Manager versions 8.1 through 9.1, update to a version that includes the fix for this issue. For InfoSphere Information Server version 8.5 before FP3, apply FP3 or a later fix pack to resolve the issue. For InfoSphere Information Server version 8.7, update to a version that includes the fix for this issue.