Lucene search
PRIOn knowledge basePRION:CVE-2014-0871HistoryJul 07, 2014 - 11:01 a.m.
Information disclosure
2014-07-0711:01:00
PRIOn knowledge base
www.prio-n.com
2
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.
| CPE | Name | Operator | Version |
|---|---|---|---|
| algo_credit_limits | eq | 4.7.0 | |
| algo_credit_limits | eq | 4.5.0 |
References
packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
seclists.org/fulldisclosure/2014/Jun/173
secunia.com/advisories/59296
www-01.ibm.com/support/docview.wss?uid=swg21675881
www.securityfocus.com/archive/1/532598/100/0/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/90945
www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt
Related
nvd
nvd
CVE-2014-0871
2014-07-07 11:01:29
cve
cve
CVE-2014-0871
2014-07-07 11:01:29
cvelist
cvelist
CVE-2014-0871
2014-07-07 10:00:00
ibm
ibm
packetstorm
packetstorm
IBM Algorithmics RICOS Disclosure / XSS / CSRF
2014-06-30 00:00:00
securityvulns
securityvulns
IBM Algorithmics RICOS multiple security vulnerabilities
2014-10-16 00:00:00
exploitpack
exploitpack
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities
2014-07-01 00:00:00
seebug
seebug
IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities
2014-07-02 00:00:00
exploitdb
exploitdb
IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities
2014-07-01 00:00:00