Show filters
103 Total Results
Displaying 101-103 of 103
Sort by:
Attacker Value
Unknown

CVE-2010-0777

Disclosure Date: May 17, 2010 (last updated October 04, 2023)
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file.
0
Attacker Value
Unknown

CVE-2010-1650

Disclosure Date: May 03, 2010 (last updated October 04, 2023)
IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive information by reading the trace output.
0
Attacker Value
Unknown

CVE-2010-1651

Disclosure Date: May 03, 2010 (last updated October 04, 2023)
IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows local users to obtain sensitive information by reading the trace log.
0