CVE-2014-0864

Currently unrated

Key Information:

Vendor: IBM
Status: Algo Credit Limits
Vendor: CVE Published:; 7 July 2014

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Executer in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to hijack the authentication of arbitrary users for requests that change (1) a deal's currency or (2) a limit via a crafted XML document.

References

http://packetstormsecurity.com/files/127304/IBM-Algorithm...

x_refsource_MISC

http://www.securityfocus.com/archive/1/532598/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/59296

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 7, 2014
Vulnerability Reserved
Jan 6, 2014