CVE-2013-3996

Published: Aug 6, 2013Modified: Apr 29, 2026

4.9

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability: 6.8 / Impact: 4.9

Source: NVD

Description

IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site.

Affected (9)

Products: Ibm: Infosphere Biginsights

1 product

Infosphere Biginsights

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Biginsights	Version 1.1.0.0
Ibm Infosphere Biginsights	Version 1.1.0.1
Ibm Infosphere Biginsights	Version 1.1.0.2
Ibm Infosphere Biginsights	Version 1.2.0.0
Ibm Infosphere Biginsights	Version 1.3.0.0
Ibm Infosphere Biginsights	Version 1.3.0.1
Ibm Infosphere Biginsights	Version 1.4.0.0
Ibm Infosphere Biginsights	Version 2.0.0.0
Ibm Infosphere Biginsights	Version 2.1.0.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://secunia.com/advisories/54447

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21645804

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/61604

Source: psirt@us.ibm.com

http://www.securitytracker.com/id/1028883

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/84985

Source: psirt@us.ibm.com

http://secunia.com/advisories/54447

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21645804

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/61604

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1028883

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/84985

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.