Description

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request.

Remediation

References

CVE-2015-0113

Related Vulnerabilities

WordPress Plugin RBX Gallery 'uploader.php' Arbitrary File Upload (2.1)

WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)

Oracle JRE CVE-2013-2435 Vulnerability (CVE-2013-2435)

WordPress Plugin Active Directory Integration SQL Injection (1.1.8)

WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20)

Severity

Medium

Classification

CVE-2015-0113 CWE-200

Tags

Missing Update Known Vulnerabilities