IBM Security Bulletin: External Entity Injection vulnerability in IBM License Metric Tool v7.5 & v7.2.2 and IBM Tivoli Asset Discovery for Distributed v7.5 & v7.2.2 - CVE-2014-8924
IBM License Metric Tool v7.5 & v7.2.2 and IBM Tivoli Asset Discovery for Distributed v7.5 & v7.2.2 servers are vulnerable to External Entity Injection attack. Sending specially crafted request to server allows for file extraction from server's...
from IBM Product Security Incident Response Team http://ift.tt/1JQ3tJU
from IBM Product Security Incident Response Team http://ift.tt/1JQ3tJU