Secunia Security Advisory - IBM has acknowledged some vulnerabilities in Tivoli Compliance Insight Manager (TCIM), some of which have unknown impacts, while others can be exploited to bypass certain security restrictions, gain knowledge of sensitive information, gain escalated privileges, cause a DoS (Denial of Service), conduct cross-site scripting and SQL injection attacks, or potentially compromise a vulnerable system.
bd3acf84a071114e8ba7be882533613018ae8cef67655ebad50deca519b23bd0
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
IBM Tivoli Compliance Insight Manager Oracle Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA26669
VERIFY ADVISORY:
http://secunia.com/advisories/26669/
CRITICAL:
Highly critical
IMPACT:
Unknown, Security Bypass, Cross Site Scripting, Manipulation of data,
Exposure of sensitive information, Privilege escalation, DoS, System
access
WHERE:
>From remote
SOFTWARE:
IBM Tivoli Compliance Insight Manager (TCIM) 6.x
http://secunia.com/product/15700/
IBM Tivoli Compliance Insight Manager (TCIM) 7.x
http://secunia.com/product/15701/
IBM Tivoli Compliance Insight Manager (TCIM) 8.x
http://secunia.com/product/15702/
DESCRIPTION:
IBM has acknowledged some vulnerabilities in Tivoli Compliance
Insight Manager (TCIM), some of which have unknown impacts, while
others can be exploited to bypass certain security restrictions, gain
knowledge of sensitive information, gain escalated privileges, cause a
DoS (Denial of Service), conduct cross-site scripting and SQL
injection attacks, or potentially compromise a vulnerable system.
For more information:
SA24929
The vulnerabilities are reported in versions 6.0, 7.0, and 8.0.
SOLUTION:
Apply patches.
http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg24016678
ORIGINAL ADVISORY:
http://www-1.ibm.com/support/docview.wss?uid=swg21268889
OTHER REFERENCES:
SA24929:
http://secunia.com/advisories/24929/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed