CVE-2009-2583 Information

Description

Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.

Reference

http://secunia.com/advisories/35931 http://www.securityfocus.com/bid/35779 http://www.securitytracker.com/id?1022597 http://www.vupen.com/english/advisories/2009/1990 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55659 http://www-01.ibm.com/support/docview.wss?uid=swg24023826