IBM BigFix Platform Multiple Security Vulnerabilities

IBM BigFix Platform is prone to the following multiple security vulnerabilities:

1. An open-redirection vulnerability
2. An information-disclosure vulnerability
3. A cross-site-scripting vulnerability.
4. A cross-site request-forgery vulnerability

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials, perform unauthorized actions or obtain sensitive information.

BigFix Platform Version 9.2.6 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus