CVE-2014-8895 Information

Description

IBM TRIRIGA Application Platform 3.2.1.x 3.3.2 before 3.3.2.3 and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

Reference

http://secunia.com/advisories/62674 http://www.securityfocus.com/bid/72430 http://www-01.ibm.com/support/docview.wss?uid=swg21694771 https://exchange.xforce.ibmcloud.com/vulnerabilities/99014