2 matches found
IBM WebSphere应用服务器-trace选项信息泄露漏洞
CVE ID: CVE-2010-1650 IBM Websphere应用服务器以Java和Servlet引擎为基础,支持多种HTTP服务,可帮助用户完成从开发、发布到维护交互式的动态网站的所有工作。 在启用了-trace选项(也称为调试模式)的情况下,WebSphere应用服务器所执行的调试语句会打印出某些对象的字符串表示,本地用户可以通过读取追踪输出获得敏感信息。 IBM Websphere Application Server 7.0.x IBM Websphere Application Server 6.1.x IBM Websphere Application Server...
CVE-2010-1650
CVE-2010-1650 affects IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11. When WAS is run with the -trace (debugging) option enabled, it prints string representations of unspecified objects, allowing a local attacker to read trace output...