[email protected]CVE-2011-1313

HistoryMar 08, 2011 - 9:59 p.m.

CVE-2011-1313

2011-03-0821:59:00

CWE-399

[email protected]

web.nvd.nist.gov

ibm websphere

vulnerability

cve-2011-1313

denial of service

storage corruption

nvd

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

40.1%

JSON

Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.1.0.21
ibm:websphere_application_serveribm websphere application servereq6.1.0.31
ibm:websphere_application_serveribm websphere application servereq6.1.0.19
ibm:websphere_application_serveribm websphere application servereq6.1.0.2
ibm:websphere_application_serveribm websphere application servereq6.1.0.33
ibm:websphere_application_serveribm websphere application servereq6.1.0.25
ibm:websphere_application_serveribm websphere application servereq6.1.0.11
ibm:websphere_application_serveribm websphere application servereq6.1.0.9
ibm:websphere_application_serveribm websphere application servereq6.1.0.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.1

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.21
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.31
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.19
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.2
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.33
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.25
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.11
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.9
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.1

Rows per page:

1-10 of 321

References

www-01.ibm.com/support/docview.wss?uid=swg1PM17170

www-01.ibm.com/support/docview.wss?uid=swg27014463

6.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

40.1%

JSON

Related for CVE-2011-1313

cvelist1 prion1 openvas2 nessus2