- Home
- CVEs with nessus.description==IBM WebSphere Application Server 7.0 before Fix Pack 11 appears to be running on the remote host. As such, it is reportedly affected by the following vulnerabilities :
- WS-Security processing problems with PKIPath and PKCS#7 tokens could lead to a security bypass vulnerability. (PK96427)
- An OutOfMemory condition related to the Deployment Manager and nodeagent could lead to a denial of service. (PM05663)
- The Web Container does not properly handle long filenames, which may cause it to respond with the incorrect file, resulting in the disclosure of potentially sensitive information. (PM06111)
- An information disclosure vulnerability exists when the '-trace' option (aka debugging mode) is enabled since WAS executes debugging statements that print string representations of unspecified objects. (PM06839)
- An error occurs when the Web Contained calls response.sendRedirect with a Transfer-Encoding:
chunked, which could cause a denial of service.
(PM08760)
- An information disclosure vulnerability in SIP logging could allow a local, authenticated attacker to gain access to sensitive information. (PM08892)
- A possible NullPointerException when handling large chunked gzip encoded data. (PM08894)
- A possible link injection vulnerability. (PM09250)
- The web server can fail during an upload over SSL that is larger than 2 GB. (PM10270)
- Administration console sensitive information might appear in addNode.log when -trace option enabled. (PM10684)
- Cross-site scripting and URL injection vulnerability in admin console. (PM11778)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top