IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.Referenceshttp://www.securityfocus.com/bid/72430http://www-01.ibm.com/support/docview.wss?uid=swg21694771http://secunia.com/advisories/62674https://exchange.xforce.ibmcloud.com/vulnerabilities/99014
