Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1898 | 5.0 |
The secure login page in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 does not redirect to an https page upon receiving an http request, which makes it easier for remote attackers to read the co
|
17-08-2017 - 01:30 | 03-06-2009 - 17:00 | |
CVE-2009-1900 | 5.0 |
The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5, when tracing is enabled, allow remote attackers to obtain sensitive informati
|
17-08-2017 - 01:30 | 03-06-2009 - 17:00 | |
CVE-2009-1899 | 10.0 |
Unspecified vulnerability in the Administrative Configservice API in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5 on z/OS allows remote authent
|
17-08-2017 - 01:30 | 03-06-2009 - 17:00 | |
CVE-2009-1901 | 10.0 |
The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits "non-standard http methods," which has unknown impact and remote attack vectors.
|
17-08-2017 - 01:30 | 03-06-2009 - 17:00 | |
CVE-2009-0508 | 7.5 |
The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server (WAS) 5.1.0, 5.1.1.19, 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.23, and 7.0 before 7.0.0.3 allow remote attackers to read arbitrary files contained in war files in
|
08-08-2017 - 01:33 | 16-03-2009 - 19:30 | |
CVE-2009-1174 | 10.0 |
The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 and 7.0 before 7.0.0.3 has an unspecified "security problem" in the XML digital-signature specification, which has unknown impact and attack vectors.
|
07-09-2016 - 15:27 | 31-03-2009 - 14:09 | |
CVE-2009-0856 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, and 6.1 before 6.1.0.23 on z/OS, allow remote attackers to inject arbitrary web script or HTML via unspecified
|
05-06-2009 - 04:00 | 09-03-2009 - 21:30 |