CVE-2012-2680 Information

Description

Cumin before 0.1.5444 as used in Red Hat Enterprise Messaging Realtime and Grid (MRG) 2.0 does not properly restrict access to resources which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) \web pages\ (2) \export functionality\ and (3) \image viewing.\

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=829421 http://rhn.redhat.com/errata/RHSA-2012-1278.html http://rhn.redhat.com/errata/RHSA-2012-1281.html http://secunia.com/advisories/50660 http://www.securityfocus.com/bid/55618 https://exchange.xforce.ibmcloud.com/vulnerabilities/78770