CVE-2009-3518

IBM Installation Manager < 1.3.2 - Remote Code Execution via iim: URI Handler -vm Option

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3518. PoCs published by bruiser.

AI-analyzed exploit summary: This exploit leverages the IBM Installation Manager's iim:// URI handler vulnerability (CVE-2009-3518) to execute arbitrary code via command-line argument injection in Internet Explorer. The PoC uses an iframe to pass malicious arguments (-vm) to load a DLL from a remote share.

Description

Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demonstrated by a reference to a UNC share pathname.

Exploits (1)

exploitdb WORKING POC VERIFIED
by bruiser · html · remote · windows
https://www.exploit-db.com/exploits/9802

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: IBM Installation Manager <= 1.3.0 (affecting IBM Rational products)
No auth needed
Prerequisites: Victim must use Internet Explorer · Attacker must host a malicious DLL on a network share · IBM Installation Manager must be installed
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2792
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36906

Scores

EPSS 0.0550
EPSS Percentile 91.8%

Details

CWE CWE-94
Status published
Products (5)
ibm/installation_manager 1.0
ibm/installation_manager 1.2.1
ibm/installation_manager 1.3.0
ibm/installation_manager 1.3.1
ibm/installation_manager < 1.3.2
Published Oct 01, 2009
Tracked Since Feb 18, 2026