696 matches found
Microsoft patch day 2015-4-14: the repair of many high-risk IE, Windows, Office vulnerabilities-vulnerability warning-the black bar safety net
Monthly the second Tuesday, Microsoft fixed the patch to fix the day, Microsoft on Tuesday(2015-4-14 the“patch day”on repairing a large number of vulnerabilities, which includes many IE, Windows, Office, high-risk vulnerabilities. Update announcement MS15-0 3 4 announcement MS15-0 3 4 announcemen...
CVE-2014-0833
The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...
CVE-2014-0830
Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...
CVE-2014-0831
Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...
Directory traversal
Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...
Design/Logic Flaw
The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value...
CVE-2014-0831
Cross-site request forgery CSRF vulnerability in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that modify configuration data...
CVE-2014-0833
The OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 does not properly enforce operator-intervention requirements, which allows remote authenticated users to bypass intended access restrictions via an unspecified process step...
CVE-2014-0831
CVE-2014-0831: IBM Financial Transaction Manager (FTM) 2.0 OAC is vulnerable to Cross-Site Request Forgery. An authenticated attacker could trigger edits to configuration data. Affected product: FTM 2.0 (OAC). Root cause: CSRF in the OAC component. Impact: potential unauthorized configuration cha...
CVE-2014-0833
IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 is affected by CVE-2014-0833 where the OAC component does not properly enforce operator-intervention requirements, allowing an authenticated remote user to bypass intended access restrictions via an unspecified process step. The affected ...
CVE-2014-0832
IBM Financial Transaction Manager 2.0/2.1 OAC contains cross-site scripting vulnerabilities in the configuration-details screens. Root cause: injected JavaScript/HTML via crafted text values; impacts authenticated users viewing those records. CVSS base 3.5. Affected: FTM 2.0 (and 2.1). Remediatio...
CVE-2014-0832
Multiple cross-site scripting XSS vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value...
CVE-2014-0830
Directory traversal vulnerability in the table-export implementation in the OAC component in IBM Financial Transaction Manager FTM 2.0 before 2.0.0.3 and 2.1 before 2.1.0.1 allows remote authenticated users to read arbitrary files via a modified pathname...
Microsoft Windows KTM Invalid Free With Reused Transaction GUID
Microsoft Windows KTM Invalid Free with reused transaction GUID ---------------------------------------------------------------------------- CVE-2010-1889 The Kernel Transaction Manager ktm was introduced in Windows Vista and has been included in subsequent versions of Windows. Microsoft describe...