Show filters
103 Total Results
Displaying 91-100 of 103
Sort by:
Attacker Value
Unknown
CVE-2010-0779
Disclosure Date: June 24, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2010-2324
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows attackers to perform unspecified "link injection" actions via unknown vectors.
0
Attacker Value
Unknown
CVE-2010-2328
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (NullPointerException) via a large amount of chunked data that uses gzip compression.
0
Attacker Value
Unknown
CVE-2010-2326
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node federation, allows attackers to obtain sensitive information about CIMMetadataCollectorImpl trace actions by reading the addNode.log file.
0
Attacker Value
Unknown
CVE-2010-2325
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related in part to "URL injection."
0
Attacker Value
Unknown
CVE-2010-2323
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the default_create.log file that is associated with profile creation by the BBOWWPFx job and the zPMT.
0
Attacker Value
Unknown
CVE-2010-2327
Disclosure Date: June 18, 2010 (last updated October 04, 2023)
mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload.
0
Attacker Value
Unknown
CVE-2010-0775
Disclosure Date: May 17, 2010 (last updated October 04, 2023)
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components.
0
Attacker Value
Unknown
CVE-2010-0776
Disclosure Date: May 17, 2010 (last updated October 04, 2023)
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request.
0
Attacker Value
Unknown
CVE-2010-0774
Disclosure Date: May 17, 2010 (last updated October 04, 2023)
The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS#7 and PKIPath tokens, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
0