Ibm

Websphere Application Server

435 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2008-0389

  • EPSS 1.38%
  • Veröffentlicht 23.01.2008 02:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors.

10

CVE-2007-6679

  • EPSS 1.33%
  • Veröffentlicht 10.01.2008 02:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 ...

4.3

CVE-2007-5944

  • EPSS 2.13%
  • Veröffentlicht 14.11.2007 01:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might...

4.3

CVE-2007-5798

  • EPSS 0.43%
  • Veröffentlicht 03.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via th...

4.3

CVE-2007-5799

  • EPSS 0.2%
  • Veröffentlicht 03.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI us...

10

CVE-2007-5483

  • EPSS 1.23%
  • Veröffentlicht 16.10.2007 23:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.

5

CVE-2007-4833

  • EPSS 0.58%
  • Veröffentlicht 12.09.2007 19:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789.

7.5

CVE-2007-4839

  • EPSS 0.32%
  • Veröffentlicht 12.09.2007 19:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.

9.3

CVE-2007-3960

  • EPSS 0.74%
  • Veröffentlicht 24.07.2007 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213).

5

CVE-2007-3397

  • EPSS 0.69%
  • Veröffentlicht 26.06.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers t...