PROBLEM:
IBM InfoSphere Information Server Multiple Vulnerabilities
PLATFORM:
The vulnerabilities are reported in versions prior to 9.1.
ABSTRACT:
Multiple vulnerabilities have been reported in IBM InfoSphere Information Server
REFERENCE LINKS:
Secunia Advisory SA51605
IBM Support home
IBM InfoSphere Information Server, Version 9.1 fix list
IMPACT ASSESSMENT:
Medium
DISCUSSION:
Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.
1) An unspecified error exists in the InfoCenter component.
2) Some unspecified errors exist in the bundled version of Java.
3) Some unspecified errors exist in the Web Console component.
4) An error when performing permission checks to run and view status of jobs can be exploited to gain access to the otherwise restricted project.
IMPACT:
Malicious users can bypass certain security restrictions.