Lucene search
IbmCVELIST:CVE-2014-0871HistoryJul 07, 2014 - 10:00 a.m.
CVE-2014-0871
2014-07-0710:00:00
ibm
www.cve.org
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.
References
packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
seclists.org/fulldisclosure/2014/Jun/173
secunia.com/advisories/59296
www-01.ibm.com/support/docview.wss?uid=swg21675881
www.securityfocus.com/archive/1/532598/100/0/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/90945
www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt
Related
nvd
nvd
CVE-2014-0871
2014-07-07 11:01:29
cve
cve
CVE-2014-0871
2014-07-07 11:01:29
prion
prion
Information disclosure
2014-07-07 11:01:00
ibm
ibm
seebug
seebug
IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities
2014-07-02 00:00:00
securityvulns
securityvulns
IBM Algorithmics RICOS multiple security vulnerabilities
2014-10-16 00:00:00
packetstorm
packetstorm
IBM Algorithmics RICOS Disclosure / XSS / CSRF
2014-06-30 00:00:00
exploitpack
exploitpack
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities
2014-07-01 00:00:00
exploitdb
exploitdb
IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities
2014-07-01 00:00:00