Оказание ИТ услуг Кемерово CVE-2014-6185 (tivoli_storage_manager)

    dsmtca in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.2.3, 6.4 before 6.4.2.2, and 7.1 before 7.1.1.3 does not properly restrict shared-library loading, which allows local users to gain privileges via a crafted DSO file.
      Теги:
    • нет
    • 0
    • 0
    • 0 комментариев

    Оказание ИТ услуг Кемерово CVE-2014-6154 (optim_performance_manager)

      Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a… (dot dot) in a URL.
        Теги:
      • нет
      • 0
      • 0
      • 0 комментариев

      Оказание ИТ услуг Кемерово CVE-2014-6137

        Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
          Теги:
        • нет
        • 0
        • 0
        • 0 комментариев

        Оказание ИТ услуг Кемерово CVE-2014-6113

          Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
            Теги:
          • нет
          • 0
          • 0
          • 0 комментариев

          Оказание ИТ услуг Кемерово CVE-2014-6102

            IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions, which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation.
              Теги:
            • нет
            • 0
            • 0
            • 0 комментариев

            Оказание ИТ услуг Кемерово CVE-2014-4813 (tivoli_storage_manager)

              Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0.0 through 5.4.3.6, 5.5.0.0 through 5.5.4.3, 6.1.0.0 through 6.1.5.6, 6.2 before 6.2.5.4, 6.3 before 6.3.2.3, 6.4 before 6.4.2.1, and 7.1 before 7.1.1 on UNIX and Linux allows local users to obtain root privileges via unspecified vectors.
                Теги:
              • нет
              • 0
              • 0
              • 0 комментариев

              Оказание ИТ услуг Кемерово CVE-2014-4803

                CRLF injection vulnerability in the Universal Access implementation in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix007, and 6.0.5 before 6.0.5.5 iFix003, when WebSphere Application Server is not used, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via an unspecified parameter.
                  Теги:
                • нет
                • 0
                • 0
                • 0 комментариев

                Оказание ИТ услуг Кемерово CVE-2014-4781 (infosphere_biginsights)

                  The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.
                    Теги:
                  • нет
                  • 0
                  • 0
                  • 0 комментариев