CVE-2014-0867 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2014-0867

CWE

https://cwe.mitre.org/data/definitions/.html

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.

Affected Software

Name	Vendor	Start Version	End Version
Algo_credit_limits	Ibm	4.5.0 (including)	4.5.0 (including)
Algo_credit_limits	Ibm	4.7.0 (including)	4.7.0 (including)
Algorithmics	Ibm	- (including)	- (including)

References

http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
http://seclists.org/fulldisclosure/2014/Jun/173
http://www-01.ibm.com/support/docview.wss?uid=swg21675881
http://www.securityfocus.com/archive/1/532598/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/90941
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt