Vulnonym.com

CVE-2015-1884 - Prophetic Handler

Description

Directory traversal vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 8.5.0 through 8.5.0.1 and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2 through 7.2.0.5 allows remote authenticated users to read arbitrary files via a crafted internationalization-file URL.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21700831 http://www-01.ibm.com/support/docview.wss?uid=swg1JR52957 http://www.securityfocus.com/bid/75360 http://www.securitytracker.com/id/1032701 http://www.securitytracker.com/id/1032700