CVE-2010-3892 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2010-3892

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x allows remote attackers to hijack web sessions by replaying a session ID (aka SID) value.

Affected Software

Name	Vendor	Start Version	End Version
Omnifind	Ibm	8.0 (including)	8.0 (including)
Omnifind	Ibm	8.4 (including)	8.4 (including)
Omnifind	Ibm	8.5 (including)	8.5 (including)
Omnifind	Ibm	9.0 (including)	9.0 (including)
Omnifind	Ibm	9.1 (including)	9.1 (including)

References

http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt
http://www.securityfocus.com/archive/1/514688/100/0/threaded
http://www.securityfocus.com/bid/44740
http://www.vupen.com/english/advisories/2010/2933