2 matches found
Security Bulletin: IBM Cúram Social Program Management is vulnerable to Java reflection attack(CVE-2014-8903).
Summary IBM Cúram Social Program Management is vulnerable to Java reflection attack caused by external input that is used to specify a class. A remote attacker could exploit this vulnerability by injecting arbitrary class names which will be subsequently loaded. Vulnerability Details CVE-2014-890...
CVE-2014-8903
CVE-2014-8903 affects IBM Cúram Social Program Management (versions 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10, and 6.0.5 before 6.0.5.6). Root cause: Java reflection attack where external input specifies a class name, allowing remote authenticated users to load arbitrary Java classes. Impac...