23 results (0.007 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 https://www.ibm.com/support/pages/node/6840399 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability IBM InfoSphere Information Server versiones 8.1, 8.5, 8.7, 9.1, presenta una Vulnerabilidad de Fijación de Sesión. • http://www.securityfocus.com/bid/59815 • CWE-384: Session Fixation •

CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0

IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. IBM InfoSphere Information Server podría permitir a un usuario local bajo especiales circunstancias ejecutar comandos durante procesos de instalación que podrían exponer información sensible. • http://www.ibm.com/support/docview.wss?uid=swg21982034 http://www.securityfocus.com/bid/90529 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS. IBM InfoSphere Information Server contiene una vulnerabilidad de importación a la hoja de estilo relativa a la ruta que permite a atacantes procesar una página en modo qirks, lo que facilita a un atacante inyectar CSS malicioso. • http://www.ibm.com/support/docview.wss?uid=swg21995155 http://www.securityfocus.com/bid/95325 http://www.securitytracker.com/id/1037563 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks. IBM InfoSphere Information Server es vulnerable a las secuencias de marco cruzados, causadas por una protección iframe HTML insuficiente. Un atacante remoto podría explotar esta vulnerabilidad utilizando una URL especialmente manipulada para navegar a una página web que controla el atacante. • http://www.ibm.com/support/docview.wss?uid=swg21991682 http://www.securityfocus.com/bid/95106 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •