Ibm

Websphere Application Server

443 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2007-5944

  • EPSS 2.53%
  • Veröffentlicht 14.11.2007 01:46:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might...

4.3

CVE-2007-5798

  • EPSS 0.46%
  • Veröffentlicht 03.11.2007 00:46:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via th...

4.3

CVE-2007-5799

  • EPSS 0.21%
  • Veröffentlicht 03.11.2007 00:46:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI us...

10

CVE-2007-5483

  • EPSS 1.48%
  • Veröffentlicht 16.10.2007 23:17:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.

5

CVE-2007-4833

  • EPSS 0.64%
  • Veröffentlicht 12.09.2007 19:17:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789.

7.5

CVE-2007-4839

  • EPSS 0.39%
  • Veröffentlicht 12.09.2007 19:17:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.

9.3

CVE-2007-3960

  • EPSS 0.77%
  • Veröffentlicht 24.07.2007 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213).

5

CVE-2007-3397

  • EPSS 0.69%
  • Veröffentlicht 26.06.2007 17:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers t...

7.8

CVE-2007-3262

  • EPSS 2.23%
  • Veröffentlicht 19.06.2007 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPA...

10

CVE-2007-3263

  • EPSS 1.4%
  • Veröffentlicht 19.06.2007 18:30:00
  • Zuletzt bearbeitet 23.04.2026 00:35:47

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository."