- Home
- CVEs with nessus.description==IBM WebSphere Application Server 6.1 before Fix Pack 41 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities :
- A cross-site scripting vulnerability via vectors related to web messaging. (CVE-2011-5065)
- A cross-site scripting vulnerability in the Installation Verification Test (IVT) in the Install component.
(CVE-2011-1362)
- The SibRaRecoverableSiXaResource class in the Default Messaging Component does not properly handle a Service Integration Bus (SIB) dump operation involving the Failure Data Capture (FFDC) introspection code. This can allow local users to obtain sensitive information by reading the FFDC log file. (CVE-2011-5066)
- A directory traversal vulnerability in the administration console that allows remote attackers to read arbitrary files on the host. (CVE-2011-1359)
- A potential Denial of Service with malicious range requests. (CVE-2011-3192)
- An unspecified vulnerability in the Web Services Security component when enabling WS-Security for a JAX-WS application. (CVE-2011-1377)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top