Ibm

Sterling B2b Integrator

187 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2013-5407

  • EPSS 0.15%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, relat...

6.5

CVE-2013-5409

  • EPSS 0.31%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

4.3

CVE-2013-5411

  • EPSS 0.25%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors.

5

CVE-2013-0494

  • EPSS 1.78%
  • Veröffentlicht 09.08.2013 23:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted HTTP (1) Range or (2) Request-Range header.

7.1

CVE-2013-4002

  • EPSS 1.42%
  • Veröffentlicht 23.07.2013 11:03:19
  • Zuletzt bearbeitet 11.04.2025 00:51:21

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja...

5

CVE-2013-0481

  • EPSS 0.28%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.

5

CVE-2013-0539

  • EPSS 0.28%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive infor...

5

CVE-2013-0558

  • EPSS 0.28%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors.

6.5

CVE-2013-0560

  • EPSS 0.28%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-201...

4

CVE-2013-0567

  • EPSS 0.18%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE...