76 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1...
CVE-2013-0548
CVE-2013-0548 affects IBM Tivoli Monitoring Basic Services (ITM) and IBM Application Manager for Smart Business. The vulnerability is a cross-site scripting (XSS) issue in Basic Services that could allow remote attackers to inject arbitrary script via unspecified vectors. Affected ITM versions in...
CVE-2013-2961
CVE-2013-2961 affects IBM Tivoli Monitoring (ITM) Basic Services, used in IBM Application Manager for Smart Business. The issue arises in the ITM Basic Services web server handling crafted HTTP traffic, allowing remote attackers to redirect HTTP requests and bypass proxy-server configuration. Aff...
CVE-2013-0551
CVE-2013-0551 affects IBM Tivoli Monitoring Basic Services in ITM 6.2.x (6.2.0[FP3], 6.2.1[FP4], 6.2.2[FP9], 6.2.3 before FP3) as used by IBM Application Manager for Smart Business. Description: specially crafted URLs can cause an abend/DoS in the Tivoli Monitoring process. IBM’s remediation invo...
CVE-2013-2960
The CVE-2013-2960 issue affects IBM Tivoli Monitoring (ITM) Basic Services, specifically the KDSMAIN HTTP processing, where a crafted URL can trigger a buffer overflow and cause a segmentation fault (remote DoS). Affected ITM versions include 6.2.0–6.2.3 with various FP levels (notably FP3 for 6....
CVE-2013-1158
CVE-2013-1158 affects the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution. It describes a Cross-site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. The description does...
CVE-2013-1157
Technical details about CVE-2013-1157 are not publicly available in the provided documents. Monitor for updates.
Code injection
The web console in CA formerly Computer Associates eTrust ITM Threat Manager 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689...
Information disclosure
CA formerly Computer Associates eTrust ITM Threat Manager 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors...
CVE-2007-5437
The web console in CA formerly Computer Associates eTrust ITM Threat Manager 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689...
CVE-2007-5437
The CVE-2007-5437 entry affects CA eTrust ITM (Threat Manager) 8.1, where the web console allows remote attackers to redirect users to arbitrary web sites by supplying a crafted HTTP URL targeting port 6689. This describes a client redirection vulnerability in the web interface, with no explicit ...
CVE-2007-5439
CVE-2007-5439 affects CA eTrust ITM (Threat Manager) 8.1. The issue is that sensitive user information is stored in log files with predictable names, allowing a remote attacker to obtain the data via unspecified vectors. This is stated across the CVE records, including NVD, and connected document...
CVE-2007-5439
CA formerly Computer Associates eTrust ITM Threat Manager 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors...
CVE-2007-5437
The web console in CA formerly Computer Associates eTrust ITM Threat Manager 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689...
[ELEYTT] 10PAZDZIERNIK2007
Eleytt Research www.eleytt.com Overview: ==================== Michal Bucko, Eleytt, www.eleytt.com/michal.bucko Tomasz Polis, www.eleytt.com Credit: ==================== Michal Bucko, Eleytt, www.eleytt.com/michal.bucko Vulnerability Table =================== 1. CA Erwin Datatype Standards File...
CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
Title: CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability CA Vulnerability ID: 34325 CA Advisory Date: 2006-06-26 Discovered By: Deral Heiland www.layereddefense.com Impact: Attackers can cause a denial of service condition or possibly execute arbitrary code...