47 matches found
EUVD-2017-10171
Malware in sbrugna...
EUVD-2016-0242
Malware in sbrugna...
EUVD-2016-0425
Malware in sbrugna...
EUVD-2017-10170
Malware in sbrugna...
Security Bulletin: Vulnerability in Apache Tomcat afffects IBM Algorithmics One-Algo Risk Application (CVE-2016-6816)
Summary Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would...
Security Bulletin: Vulnerabilites in IBM Algorithmics Algo One Algo Risk Application (ARA) Stack trace may be thrown if no default error page was set up and exception occurred
Summary IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling of exceptions when a default error page does not exist. Liberty is bundled/embedded with Algo One ARA in Algo One versions 5.0 and 5.1. IBM Algo One Algo Risk...
Security Bulletin: OpenSource Apache Tomcat Vulnerability affects IBM Algorithmics Counterparty Credit Risk
Summary Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would...
Security Bulletin: Vulnerability in Open Source Apache Tomcat , Commons FileUpload Vulnerabilities IBM Algorithmics Algo Risk Application
Summary The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service CPU consumption via a long boundary...
Security Bulletin: Vulnerability in OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application (CVE-2015-5174)
Summary Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ in the getResource, getResourceAsStream and getResourcePaths ServletContext methods to obtain a directory listing f...
Security Bulletin: OpenSource Apache Tomcat Vulnerability affects IBM Algorithmics Counterparty Credit Risk
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. OpenSource Apache Tomcat is used by IBM...
Security Bulletin: Vulnerability OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application - CVE-2015-5345 CVE-2015-5346 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory that affects IBM Algorithmics Algo Risk...
Security Bulletin: Vulnerability in RSOC_APP_01 Frameable Response Potential Clickjacking (CSRF) affects IBM Algorithmics Algo Risk Application - CVE-2016-0207
Summary IBM Algorithmics One-Algo Risk Application could allow a remote attacker to hijack the clicking action of the victim. A remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions from the system. Vulnerability Details CVEID: CVE-2016-0207 DESCRIPTION:...
CVE-2016-0207
IBM Algorithmics One-Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399...
CVE-2016-0207
IBM Algorithmics One-Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399...
Code injection
IBM Algorithmics One-Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399...
CVE-2017-1154
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to files in the local environment which should not be viewed by application users. IBM Reference : 1999892...
CVE-2017-1155
IBM Algorithmics One-Algo Risk Application 4.9.1, 5.0, and 5.1.0 could allow a user to gain access to another user's reports using a specially crafted HTTP request. IBM Reference : 1999754...
CVE-2016-0390
Cross-site scripting XSS vulnerability in IBM Algorithmics Algo One Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Algorithmics Algo One Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2016-0390
Cross-site scripting XSS vulnerability in IBM Algorithmics Algo One Algo Risk Application ARA 4.9.1 through 5.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...