3 matches found
CVE-2014-0871
RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...
Information disclosure
RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...
CVE-2014-0871
CVE-2014-0871 affects IBM Algorithmics RICOS (ACLIM) versions 4.5.0–4.7.0. The issue allows information disclosure via Tomcat error messages that leak environment details, triggered by non-printing characters (e.g., 0x00) in a cookie to the /classes/ URI. IBM’s SEC Consult advisory and the IBM Se...