CVE-2009-4998

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-019 and 4.0.2.x before 4.0.2.7-P8AE-FP007, in certain FileTracker configurations, does not apply a security policy to the first document added during a session, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:006:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:005:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:004:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:003:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:017:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:018:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:015:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:016:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:014:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:012:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:009:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:011:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:013:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:019:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:007:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:001:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:010:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:002:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:3.5.1:008:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:001:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:002:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:003:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:004:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:006:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:005:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_p8_application_engine:4.0.2:*:*:*:*:*:*:*

Information

Published : 2010-09-20 15:00

Updated : 2010-09-20 21:00


NVD link : CVE-2009-4998

Mitre link : CVE-2009-4998


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

ibm

  • filenet_p8_application_engine