CVE-2009-1953
IBM FileNet Content Manager versions 4.0, 4.0.1, and 4.5 (as used in IBM WebSphere Application Server and Oracle BEA WebLogic) are affected. The CE Web Services listener, under a specific WSEAF configuration, does not properly constrain a cached Subject, enabling remote attackers to access creden...