5

CVE-2007-3397

The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Application Server Version6.0.2.1
IbmWebsphere Application Server Version6.0.2.2
IbmWebsphere Application Server Version6.0.2.3
IbmWebsphere Application Server Version6.0.2.4
IbmWebsphere Application Server Version6.0.2.5
IbmWebsphere Application Server Version6.0.2.6
IbmWebsphere Application Server Version6.0.2.7
IbmWebsphere Application Server Version6.0.2.9
IbmWebsphere Application Server Version6.0.2.11
IbmWebsphere Application Server Version6.0.2.13
IbmWebsphere Application Server Version6.0.2.15
IbmWebsphere Application Server Version6.0.2.17
IbmWebsphere Application Server Version6.0.2.19
IbmWebsphere Application Server Version6.1.0.1
IbmWebsphere Application Server Version6.1.0.2
IbmWebsphere Application Server Version6.1.0.3
IbmWebsphere Application Server Version6.1.0.5
IbmWebsphere Application Server Version6.1.0.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.15% 0.797
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/41644
http://secunia.com/advisories/25817
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24015854
Patch
http://www-1.ibm.com/support/docview.wss?uid=swg21261071
http://www.securityfocus.com/bid/24608
Patch
http://www.securitytracker.com/id?1018288