6 matches found
Security Bulletin: Multiple vulnerabilities in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite (CVE-2013-2953, CVE-2013-2954, CVE-2013-2955, CVE-2013-2956, CVE-2013-2957, CVE-2013-2959)
Abstract Multiple vulnerabilities have been identified in the Optim E-Business Console making the product vulnerable to phishing attacks, the interception of credentials and the bypass of login entirely. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2953 DESCRIPTION: Use of MD5 as SSL Certifica...
CVE-2013-0579
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote attackers to impersonate arbitrary users by leveraging access to a legitimate user's web browser either 1 before or 2 after authentication...
Design/Logic Flaw
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors...
Authentication flaw
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote attackers to impersonate arbitrary users by leveraging access to a legitimate user's web browser either 1 before or 2 after authentication...
CVE-2013-0580
Cross-site request forgery CSRF vulnerability in the Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to hijack the authentication of arbitrary users...
CVE-2013-0577
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors...