3 matches found
Security Bulletin: Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.0.1
Abstract Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 8.5.0.1 Content VULNERABILITY DETAILS: CVE ID:CVE-2012-3304 PM54356 DESCRIPTION: WebSphere Application Server could allow a remote attacker to hijack a valid user’s session, caused by an...
Security Bulletin: Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.5
Abstract Cross reference list for security vulnerabilities fixed in IBM WebSphere Application Server Fix Pack 8.0.0.5 Content VULNERABILITY DETAILS: CVE ID:CVE-2012-3304 PM54356 DESCRIPTION: WebSphere Application Server could allow a remote attacker to hijack a valid user’s session, caused by an...
CVE-2012-3304
Summary of the CVEs (IBM WebSphere Application Server family, 2012 vintage): Multiple flaws across WAS versions 6.1, 7.0, 8.0, and 8.5 allow remote or local attackers to hijack sessions (CVE-2012-3304), traverse directories (CVE-2012-3305, PM62467), bypass security restrictions via Federated Repo...