41 matches found
EUVD-2016-0425
Malware in sbrugna...
EUVD-2017-10170
Malware in sbrugna...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Algo One - Algo Risk Application (ARA)
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.0.10.15 and earlier and 8.0.5.7 and earlier and IBM® Runtime Environment Java™ Version 7.0.10.15 and earlier and 8.0.5.7 and earlier used by IBM Algo One - Algo Risk Application. These issues were disclosed...
Security Bulletin: Vulnerability in Apache commons-fileupload affects IBM Algo One Algo Risk Application (ARA) CVE-2016-1000031
Summary Vulnerability in Apache commons-fileupload affects IBM Algo One Algo Risk Application ARA CVE-2016-1000031 Vulnerability Details CVEID: CVE-2016-1000031 DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute...
Security Bulletin: An unspecified vulnerability in Oracle Java SE affects IBM Algo One Algo Risk Application (CVE-2017-10115)
Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JCE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. Vulnerability Details CVEID:...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2017-5664)
Summary Apache Tomcat could allow a remote attacker to bypass security restrictions CVE-2017-5664. Vulnerability Details CVE-ID: CVE-2017-5664 Description: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the improper handling of specific HTTP request methods...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2017-7674, CVE-2017-7675)
Summary Apache Tomcat could provide weaker than expected security, caused by the failure to add an HTTP Vary header CVE-2017-7674. Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a flaw in the HTTP/2 implementation CVE-2017-7675. Vulnerability Details CVEID:...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2017-5648)
Summary IBM Algo One - Algo Risk Application could allow a remote attacker to bypass security restrictions, caused by the failure to use the appropriate facade object by certain application listener calls. Advsory 8335 Vulnerability Details CVE-ID: CVE-2017-5648 Description: Apache Tomcat could...
Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM Algo One - Algo Risk Application and Core (CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-2183)
Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that affects Algo Risk Application and Core. These vulnerabilities were disclosed as part of the IBM Java SDK updates in January 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified vulnerability in...
Security Bulletin: Vulnerability in Apache Tomcat afffects IBM Algorithmics One-Algo Risk Application (CVE-2016-6816)
Summary Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2016-8745)
Summary IBM Algo One - Algo Risk Application could allow a remote attacker to obtain sensitive information, caused by the improper handling of the send file code for the NIO HTTP connector when the Connector code for Tomcat is refactored. An attacker could exploit this vulnerability to obtain the...
Security Bulletin: IBM Algo One - Algo Risk Application (ARA) could allow retrieval of restricted files
Summary IBM Algo One - Algo Risk Application could allow a user to gain access to files in the local environment which should not be viewed by application users. Vulnerability Details CVEID: CVE-2017-1154 DESCRIPTION: IBM Algo One - Algo Risk Application could allow a user to gain access to files...
Security Bulletin: Vulnerability in OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application (CVE-2015-5174)
Summary Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ in the getResource, getResourceAsStream and getResourcePaths ServletContext methods to obtain a directory listing f...
Security Bulletin: Vulnerability OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application - CVE-2015-5345 CVE-2015-5346 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763
Summary Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory that affects IBM Algorithmics Algo Risk...
Security Bulletin: Vulnerability in HTTP Response Splitting affects IBM Algo One - Algo Risk Application and IBM Algo One - Core (CVE-2015-2017)
Summary The IBM WebSphere Portal is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such...
Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affects IBM Algo One - Algo Risk Application and Algo One - Core ( CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4803, CVE-2015-5006)
Summary Java SE issues disclosed in the Oracle October 2015 Critical Patch Update, plus CVE-2015-5006 affect Algo One - Algo Risk Application and Algo One - Core. Vulnerability Details Relevant CVE Information: CVEID: CVE-2015-4872 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and...
Security Bulletin: Vulnerability in Web Browser XSS Protection affects IBM Algo One - Algo Risk Application (CVE-2016-0390)
Summary Vulnerability in Web Browser XSS Protection Vulnerability Details CVEID: CVE-2016-0390 DESCRIPTION: IBM Algo One - Algo Risk Application is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a...
Security Bulletin: Vulnerability in RSOC_APP_01 Frameable Response Potential Clickjacking (CSRF) affects IBM Algorithmics Algo Risk Application - CVE-2016-0207
Summary IBM Algorithmics One-Algo Risk Application could allow a remote attacker to hijack the clicking action of the victim. A remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions from the system. Vulnerability Details CVEID: CVE-2016-0207 DESCRIPTION:...
Security Bulletin: Vulnerability in Web Browser XSS Protection affects IBM Algo One - Algo Risk Application (CVE-2016-0390)
Summary Web Browser XSS Protection Not Enabled, or is disabled by the configuration of the 'X-XSS-Protection' HTTP response header. Affects Algo Risk Application. Vulnerability Details CVEID: CVE-2016-0390 DESCRIPTION: IBM Algo One - Algo Risk Application is vulnerable to cross-site scripting,...
Security Bulletin: Multiple Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2016 - Includes Oracle Jan 2016 CPU + 3 IBM CVEs affects IBM Algo One - Core, Algo Risk Application, and Counterparty Credit Risk
Summary Java SE issues disclosed in the Oracle January 2016 Critical Path Update. Affects Algo One - Core, Algo Risk Application, and Counterparty Credit Risk. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision...