5 matches found
CVE-2012-4820
CVE-2012-4820 affects IBM Java Runtime used in IBM WebSphere Real Time and other IBM products. The issue arises when code runs under a security manager, allowing remote attackers to escalate privileges by abusing insecure use of java.lang.reflect.Method invoke(). Affected IBM JREs include release...
CVE-2012-4821
CVE-2012-4821 is one of several IBM JRE/Java SDK vulnerabilities (CVE-2012-4820/4821/4822/4823) affecting IBM products (e.g., WebSphere Real Time, Tivoli Monitoring, Tivoli Storage Productivity Center, and related IBM runtimes). The root cause is insecure use of Java reflection APIs (getDeclaredM...
CVE-2012-4823
CVE-2012-4823 is an IBM JRE vulnerability (arbitrary code execution via insecure use of java.lang.ClassLoder defineClass()) affecting IBM JRE in multiple IBM and partner products. Connected advisories confirm concrete fixes by upgrading the IBM JRE to newer service releases on affected stacks: fo...
CVE-2012-4822
CVE-2012-4822 affects IBM JRE components used in IBM WebSphere Real Time and multiple IBM/Tivoli products (e.g., Tivoli Monitoring, Rational Host On-Demand, WebSphere Real Time, Lotus Notes/Domino). Root cause: insecure use of multiple methods in java.lang.Class enabling remote code execution. Af...
CVE-2012-2160
CVE-2012-2160 affects IBM Rational Change 5.3. The vulnerability arises from improper validation of user-supplied input, enabling a cross-site scripting attack via the SUPP_TEMPLATE_FLAG URL parameter. When a victim clicks a specially crafted link, an attacker could execute script in the browser ...