CVE-2009-0903
The CVE affects IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.3 and the Web Services Feature Pack for WAS 6.1 prior to 6.1.0.25. When a WS-Security policy is set at the operation level, inbound requests that lack a SOAPAction or WS-Addressing Action are not handled correctly, enabling...