Ibm

Websphere Application Server

437 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2008-5412

  • EPSS 1.35%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438.

5

CVE-2008-5413

  • EPSS 0.3%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of...

10

CVE-2008-5414

  • EPSS 1.27%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken."

7.8

CVE-2008-4678

  • EPSS 1.97%
  • Veröffentlicht 22.10.2008 18:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host heade...

6.8

CVE-2008-4679

  • EPSS 0.3%
  • Veröffentlicht 22.10.2008 18:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEn...

9.3

CVE-2008-4111

  • EPSS 1.04%
  • Veröffentlicht 16.09.2008 23:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors.

10

CVE-2008-3235

  • EPSS 0.99%
  • Veröffentlicht 21.07.2008 16:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.

5

CVE-2008-3236

  • EPSS 0.52%
  • Veröffentlicht 21.07.2008 16:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties"...

5

CVE-2008-2550

  • EPSS 0.55%
  • Veröffentlicht 04.06.2008 20:32:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.17 has unknown impact and attack vectors related to an attribute in the SOAP security header.

10

CVE-2008-2221

  • EPSS 1.02%
  • Veröffentlicht 14.05.2008 18:20:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Java plugin in IBM WebSphere Application Server 5.0.2 allows untrusted applets to gain privileges via unknown attack vectors.