IBM Eclipse Help System Multiple Security Vulnerabilities

The IBM Eclipse Help System is prone to the following security vulnerabilities:

1. An open-redirection weakness.

2. A cross-site scripting vulnerability.

Attackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, and conduct phishing attacks. Other attacks may also be possible.

IBM Eclipse Help System 3.4.3 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus