4 matches found
Security Bulletin: Ensure that DataPower services running in production environments are not configured to blindly echo requests. (CVE-2013-0499)
Abstract DataPower services like XML Firewall, Multi Protocol Gateway, Web Service Proxy and Web Token Service when configured to blindly echo requests could result in potential security vulnerability in production environments. Content VULNERABILITY DETAILS: DESCRIPTION: For the purposes of...
CVE-2013-0499
Cross-site scripting XSS vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0, 4.0.1, 4.0.2, and 5.0.0 allows remote attackers to inject arbitrary web script or HTML via a SOAP message, as demonstrated by the XML Firewall, Multi Protocol Gatew...
CVE-2013-0499
CVE-2013-0499 affects IBM WebSphere DataPower appliances (firmware 3.8.2, 4.0, 4.0.1, 4.0.2, 5.0.0). The vulnerability is a cross-site scripting (XSS) flaw in the echo functionality used by XML Firewall, Multi Protocol Gateway (MPGW), Web Service Proxy, and Web Token Service when configured to bl...
CentOS 6 : xinetd (CESA-2013:0499)
An updated xinetd package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...