CVE-2014-6176

CVE-2014-6176 affects IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and IBM Business Process Manager Advanced (7.5.x up to 7.5.1.2, 8.0.x up to 8.0.1.3, and 8.5.x up to 8.5.5). The vulnerability arises because the SCA module HTTP binding ignores the SSL setting from the ...

CVE-2014-6176

IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5 disregard the SSL setting in the SCA module HTTP import binding and unconditionally select the SSLv3 protocol, which...

IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

Overview IBM WebSphere Application Server WAS contains a denial-of-service DoS vulnerability. IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. According to the developer: " For other IBM software products that contain...

JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact A remote attacker may cause a denial-of-service DoS. Solution Apply a patch Apply the appropriate patch according to the information provided by the developer...

Design/Logic Flaw

IBM WebSphere Process Server WPS 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1 does not properly restrict configuration data during an export of the cluster configuration file from the administrative console, which allows remote authenticated users to obtain the 1 JMSAPI, 2 ESCALATION, and 3...

CVE-2009-0507

IBM WebSphere Process Server WPS 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1 does not properly restrict configuration data during an export of the cluster configuration file from the administrative console, which allows remote authenticated users to obtain the 1 JMSAPI, 2 ESCALATION, and 3...

CVE-2009-0507

The CVE-2009-0507 entry concerns IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1. The vulnerability arises because the administrative console’s export of the cluster configuration file does not properly restrict configuration data, enabling remote authenticated user...

CVE-2006-5265

Unspecified vulnerability in Microsoft Dynamics GP formerly Great Plains 9.0 and earlier allows remote attackers to cause a denial of service crash via an invalid magic number in a Distributed Process Server DPS message...

CVE-2006-5266

Multiple buffer overflows in Microsoft Dynamics GP formerly Great Plains 9.0 and earlier allow remote attackers to execute arbitrary code via 1 a crafted Distributed Process Manager DPM message to the a DPM component, or a 2 long string or 3 long IP address in a Distributed Process Server DPS...

CVE-2006-5266

Multiple buffer overflows in Microsoft Dynamics GP formerly Great Plains 9.0 and earlier allow remote attackers to execute arbitrary code via 1 a crafted Distributed Process Manager DPM message to the a DPM component, or a 2 long string or 3 long IP address in a Distributed Process Server DPS...