CVE-2017-1536
https://notcve.org/view.php?id=CVE-2017-1536
IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 and 9.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130733. IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 y 9.0) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22008031 http://www.securityfocus.com/bid/102183 https://exchange.xforce.ibmcloud.com/vulnerabilities/130733 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1760
https://notcve.org/view.php?id=CVE-2017-1760
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash the queue manager agent thread and expose some sensitive information. IBM X-Force ID: 126454. IBM WebSphere MQ 7.5, 8.0 y 9.0 podría permitir que un usuario local provoque el cierre inesperado del hilo del agente del gestor de cola y exponer información sensible. IBM X-Force ID: 126454. • http://www.ibm.com/support/docview.wss?uid=swg22005392 https://exchange.xforce.ibmcloud.com/vulnerabilities/126454 •
CVE-2017-1433
https://notcve.org/view.php?id=CVE-2017-1433
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user to insert messages with a corrupt RFH header into the channel which would cause it to restart. IBM X-Force ID: 127803. IBM WebSphere MQ 7.5, 8.0 y 9.0 podría permitir que un usuario autenticado inserte mensajes con una cabecera RFH corrupta en el canal, lo que provocaría su reinicio. IBM X-Force ID: 127803. • http://www.ibm.com/support/docview.wss?uid=swg22005525 http://www.securityfocus.com/bid/102163 https://exchange.xforce.ibmcloud.com/vulnerabilities/127803 •
CVE-2017-1341
https://notcve.org/view.php?id=CVE-2017-1341
IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456. IBM WebSphere MQ 8.0 y 9.0 podría permitir, bajo circunstancias especiales, que un usuario no autorizado acceda a un objeto para el que no deberían contar con acceso. IBM X-Force ID: 126456. • http://www.ibm.com/support/docview.wss?uid=swg22005400 http://www.securityfocus.com/bid/102042 https://exchange.xforce.ibmcloud.com/vulnerabilities/126456 •
CVE-2017-1283
https://notcve.org/view.php?id=CVE-2017-1283
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144. Las versiones 8.0 y 9.0 de IBM WebSphere MQ podrían permitir que un usuario autenticado provoque una fuga de memoria compartida por aplicaciones MQ empleando consultas dinámicas, lo que podría conducir a una falta de recursos para otras aplicaciones MQ. IBM X-Force ID: 125144. • http://www.ibm.com/support/docview.wss?uid=swg22003852 https://exchange.xforce.ibmcloud.com/vulnerabilities/125144 • CWE-772: Missing Release of Resource after Effective Lifetime •