8 matches found
EUVD-2016-7011
Malware in sbrugna...
CVE-2016-6077
IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. IBM Reference : 1991584...
IBM Cognos Disclosure Local Command Execution Vulnerability
IBM Cognos Disclosure Management CDM is a financial reporting and process automation solution from IBM USA. The system suffers from a local command execution vulnerability. A local command execution vulnerability exists in IBM Cognos Disclosure that could be exploited by an attacker to execute...
IBM Cognos Disclosure Management Input Validation Vulnerability
IBM Cognos Disclosure Management CDM is a suite of financial reporting and process automation solutions from IBM USA. A security vulnerability exists in IBM CDM version 10.2.4 and earlier. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack and gain access by forging ...
CVE-2015-5014
IBM Cognos Disclosure Management CDM 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation...
Design/Logic Flaw
The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management CDM 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client machine and execute this...
CVE-2013-0501
The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management CDM 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client machine and execute this...
CVE-2013-0501
The CVE-2013-0501 entry involves the EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control (used by Edraw Office Viewer Component and IBM Cognos Disclosure Management 10.2.0). The vulnerability arises from this ActiveX control permitting a crafted web site to read arbitrary files on a client, or down...