Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0690

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0690
Last Modified 13 Mar 2012 12:00:00
Published 13 Mar 2012 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0690

Summary

TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL.

Vulnerable Systems

Application

  • Tibco Spotfire Analytics Server 10.0.0

  • Tibco Spotfire Analytics Server 10.0.1

  • Tibco Spotfire Professional 4.0.1

  • Tibco Spotfire Server 3.0.0

  • Tibco Spotfire Server 3.0.1

  • Tibco Spotfire Server 3.1.0

  • Tibco Spotfire Server 3.1.1

  • Tibco Spotfire Server 3.2.0

  • Tibco Spotfire Server 3.3.0

  • Tibco Web Player Automation Services


References

CONFIRM - http://www.tibco.com/services/support/advisories/amx-be-spotfire-advisory_20120308.jsp

CONFIRM - http://www.tibco.com/multimedia/spotfire_advisory_20120308_tcm8-15731.txt


Last Updated: 27 May 2016 10:57:27