CVE-2009-5001

Currently unrated

Key Information:

Vendor: IBM
Status: Filenet P8 Application Engine
Vendor: CVE Published:; 20 September 2010

Summary

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35547

vendor-advisoryx_refsource_AIXAPAR

http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/read...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 20, 2010