IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8903
Reference (s):
- BID:73947
- URL: http://www.securityfocus.com/bid/73947
- http://www-01.ibm.com/support/docview.wss?uid=swg21700098