CVE-2010-0777

EPSS 0.55%
Veröffentlicht 17.05.2010 22:30:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Application Server Version6.0

Ibm ≫ Websphere Application Server Version6.0.0.1

Ibm ≫ Websphere Application Server Version6.0.0.2

Ibm ≫ Websphere Application Server Version6.0.0.3

Ibm ≫ Websphere Application Server Version6.0.1

Ibm ≫ Websphere Application Server Version6.0.1.1

Ibm ≫ Websphere Application Server Version6.0.1.2

Ibm ≫ Websphere Application Server Version6.0.1.3

Ibm ≫ Websphere Application Server Version6.0.1.5

Ibm ≫ Websphere Application Server Version6.0.1.7

Ibm ≫ Websphere Application Server Version6.0.1.9

Ibm ≫ Websphere Application Server Version6.0.1.11

Ibm ≫ Websphere Application Server Version6.0.1.13

Ibm ≫ Websphere Application Server Version6.0.1.15

Ibm ≫ Websphere Application Server Version6.0.1.17

Ibm ≫ Websphere Application Server Version6.0.2

Ibm ≫ Websphere Application Server Version6.0.2.1

Ibm ≫ Websphere Application Server Version6.0.2.2

Ibm ≫ Websphere Application Server Version6.0.2.3

Ibm ≫ Websphere Application Server Version6.0.2.4

Ibm ≫ Websphere Application Server Version6.0.2.5

Ibm ≫ Websphere Application Server Version6.0.2.6

Ibm ≫ Websphere Application Server Version6.0.2.7

Ibm ≫ Websphere Application Server Version6.0.2.8

Ibm ≫ Websphere Application Server Version6.0.2.9

Ibm ≫ Websphere Application Server Version6.0.2.10

Ibm ≫ Websphere Application Server Version6.0.2.11

Ibm ≫ Websphere Application Server Version6.0.2.12

Ibm ≫ Websphere Application Server Version6.0.2.13

Ibm ≫ Websphere Application Server Version6.0.2.14

Ibm ≫ Websphere Application Server Version6.0.2.15

Ibm ≫ Websphere Application Server Version6.0.2.16

Ibm ≫ Websphere Application Server Version6.0.2.17

Ibm ≫ Websphere Application Server Version6.0.2.18

Ibm ≫ Websphere Application Server Version6.0.2.19

Ibm ≫ Websphere Application Server Version6.0.2.20

Ibm ≫ Websphere Application Server Version6.0.2.21

Ibm ≫ Websphere Application Server Version6.0.2.22

Ibm ≫ Websphere Application Server Version6.0.2.23

Ibm ≫ Websphere Application Server Version6.0.2.24

Ibm ≫ Websphere Application Server Version6.0.2.25

Ibm ≫ Websphere Application Server Version6.0.2.27

Ibm ≫ Websphere Application Server Version6.0.2.28

Ibm ≫ Websphere Application Server Version6.0.2.29

Ibm ≫ Websphere Application Server Version6.0.2.30

Ibm ≫ Websphere Application Server Version6.0.2.31

Ibm ≫ Websphere Application Server Version6.0.2.32

Ibm ≫ Websphere Application Server Version6.0.2.33

Ibm ≫ Websphere Application Server Version6.0.2.35

Ibm ≫ Websphere Application Server Version6.0.2.37

Ibm ≫ Websphere Application Server Version6.0.2.39

Ibm ≫ Websphere Application Server Version6.1

Ibm ≫ Websphere Application Server Version6.1.0

Ibm ≫ Websphere Application Server Version6.1.0.0

Ibm ≫ Websphere Application Server Version6.1.0.1

Ibm ≫ Websphere Application Server Version6.1.0.2

Ibm ≫ Websphere Application Server Version6.1.0.3

Ibm ≫ Websphere Application Server Version6.1.0.5

Ibm ≫ Websphere Application Server Version6.1.0.7

Ibm ≫ Websphere Application Server Version6.1.0.9

Ibm ≫ Websphere Application Server Version6.1.0.11

Ibm ≫ Websphere Application Server Version6.1.0.13

Ibm ≫ Websphere Application Server Version6.1.0.15

Ibm ≫ Websphere Application Server Version6.1.0.17

Ibm ≫ Websphere Application Server Version6.1.0.19

Ibm ≫ Websphere Application Server Version6.1.0.21

Ibm ≫ Websphere Application Server Version6.1.0.23

Ibm ≫ Websphere Application Server Version6.1.0.25

Ibm ≫ Websphere Application Server Version6.1.0.27

Ibm ≫ Websphere Application Server Version6.1.0.29

Ibm ≫ Websphere Application Server Version7.0

Ibm ≫ Websphere Application Server Version7.0.0.1

Ibm ≫ Websphere Application Server Version7.0.0.3

Ibm ≫ Websphere Application Server Version7.0.0.5

Ibm ≫ Websphere Application Server Version7.0.0.7

Ibm ≫ Websphere Application Server Version7.0.0.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.55%	0.653

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www-01.ibm.com/support/docview.wss?uid=swg27007951

http://secunia.com/advisories/39838

http://www-01.ibm.com/support/docview.wss?uid=swg1PM06111

http://www.securityfocus.com/bid/40277

http://www.vupen.com/english/advisories/2010/1200

https://exchange.xforce.ibmcloud.com/vulnerabilities/58557

https://nvd.nist.gov/vuln/detail/CVE-2010-0777

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0777

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0777

EUVD