2 matches found
CVE-2014-4982
CVE-2014-4982 concerns a command-injection flaw in LPAR2RRD where insufficient input sanitization on the web GUI parameters allows arbitrary command execution on the application server. Affected versions are reported as ≤ 4.53 and ≤ 3.5. The underlying issue is rooted in input handling on the app...
[oCERT-2014-005] LPAR2RRD input sanitization errors
2014-005 LPAR2RRD input sanitization errors Description: LPAR2RRD is a performance monitoring and capacity planning software for IBM Power Systems. LPAR2RRD generates historical, future trends and nearly "real-time" CPU utilization graphs of LPAR's and shared CPU usage. Insufficient input...