Source Code Disclosure in IBM Eclipse Help System Used in IBM Data Studio
CVE-2013-0467

Currently unrated

Key Information:

Vendor: IBM
Status: Data Studio
Vendor: CVE Published:; 21 February 2013

Summary

The IBM Eclipse Help System (IEHS) used in IBM Data Studio 3.1 and 3.1.1 has a vulnerability that allows remote authenticated users to access and read the source code through a specially crafted URL. This flaw poses a significant risk, as it can lead to exposure of sensitive code and related intellectual property, potentially compromising the integrity and confidentiality of the software systems relying on IEHS.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/81102

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21625573

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 21, 2013
Vulnerability Reserved
Dec 16, 2012