The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2012-06-22T10:00:00
Updated: 2024-08-06T18:16:19.329Z
Reserved: 2011-12-14T00:00:00
Link: CVE-2012-0191
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-06-22T10:24:05.973
Modified: 2017-08-29T01:30:51.630
Link: CVE-2012-0191
Redhat
No data.