Page 5 of 23 results (0.005 seconds)

CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 0

Open redirect vulnerability in Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, permite a atacantes remotos redireccionar a usuarios a sitios web de su elección y llevar a cabo ataques de phishing a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 https://exchange.xforce.ibmcloud.com/vulnerabilities/73289 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors. Múltiples desbordamientos de búfer en ejecutables setuid no especificados en el DataStage subsystem en IBM InfoSphere Information Server 8.1 en versiones anteriores a la FP1 tienen un impacto y vectores de ataque desconocidos. • http://secunia.com/advisories/37556 http://www-01.ibm.com/support/docview.wss?uid=swg1JR30394 http://www-01.ibm.com/support/docview.wss?uid=swg21406224 http://www.osvdb.org/60807 http://www.securityfocus.com/bid/37245 http://www.vupen.com/english/advisories/2009/3432 https://exchange.xforce.ibmcloud.com/vulnerabilities/54609 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the Web console in IBM InfoSphere Information Server 8.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la consola Web en IBM InfoSphere Information Server 8.1 en versiones anteriores a la FP1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://secunia.com/advisories/37556 http://www-01.ibm.com/support/docview.wss?uid=swg1JR32573 http://www-01.ibm.com/support/docview.wss?uid=swg21406224 http://www.osvdb.org/60806 http://www.securityfocus.com/bid/37246 http://www.vupen.com/english/advisories/2009/3432 https://exchange.xforce.ibmcloud.com/vulnerabilities/54608 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •