IBM Security Bulletin: Cúram is vulnerable to CRLF Injection attack (CVE-2014-3012)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
Cúram is vulnerable to CRLF Injection attack when not deployed on IBM WebSphere. CVE(s): CVE-2014-3012 Affected product(s) and affected version(s): Cúram Social Program Management All products are affected when running code releases 5.2 SP1, 5.2 SP4, 6.0.4.4, 6.0.4.5, 6.0.5.2, 6.0.5.3, 6.0.5.4. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21675454 X-Force
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_c%25C3%25BAram_is_vulnerable_to_crlf_injection_attack_cve_2014_3012?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
|