Geek-Guy

Tag Archive for information

[SE-2011-01] The origin and impact of vulnerabilities in ST chipsets

Posted by Security Explorations on Apr 21

Hello All,

We have published an initial document describing the origin and impact
of the vulnerabilities discovered in ST chipsets along some rationale
indicating why it’s worth to dig further into this case:

http://www.security-explorations.com/materials/se-2011-01-st-impact.pdf

This document is a work in progress. As such, it will be updated once
new information is acquired regarding the impact of the issues found.

ST vulnerabilities…

CVE-2014-0912

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page. IBM X-Force ID: 92072.

CVE-2014-6108

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 might allow man-in-the-middle attackers to obtain sensitive information by levera…

CVE-2014-6109

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 allow remote authenticated users to bypass intended access restrictions and obtai…