MOABI : Continuous Software Improvement

CVE-2009-5001
Description	The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.
Impact	CVSS v2 : 4 MEDIUM
Type	CWE-264
Attack Vector	CVSSv2 Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35547