CVE-2012-0191

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Expeditor
Vendor: CVE Published:; 22 June 2012

Summary

The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.

References

http://www.ibm.com/support/docview.wss?uid=swg21575642

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/72156

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 22, 2012
Vulnerability Reserved
Dec 14, 2011