IBM Curam Social Program Management CVE-2014-3069 CRLF Injection Vulnerability
BID:69165
Info
IBM Curam Social Program Management CVE-2014-3069 CRLF Injection Vulnerability
| Bugtraq ID: | 69165 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-3069 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 07 2014 12:00AM |
| Updated: | Aug 07 2014 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
IBM Curam Social Program Management 6.0.5.5 |
| Not Vulnerable: | |
Discussion
IBM Curam Social Program Management CVE-2014-3069 CRLF Injection Vulnerability
IBM Curam Social Program Management is prone to a CRLF-injection vulnerability.
An attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks.
Curam Social Program Management 6.0.5.5 is vulnerable.
IBM Curam Social Program Management is prone to a CRLF-injection vulnerability.
An attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks.
Curam Social Program Management 6.0.5.5 is vulnerable.
Exploit / POC
IBM Curam Social Program Management CVE-2014-3069 CRLF Injection Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
IBM Curam Social Program Management CVE-2014-3069 CRLF Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.