5 matches found
EUVD-2010-1638
Malware in sbrugna...
Security Bulletin: Vulnerabilities disclosed by OpenSSL project on August 6, 2014 that impact DataPower (CVE-2014-3508 and CVE-2014-3511)
Summary There were multiple vulnerabilities disclosed on August 6, 2014 by the OpenSSL Project. Two of them impact DataPower appliances. Vulnerability Details CVE-ID: CVE-2014-3508 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in OBJobj2txt...
Cross site scripting
Cross-site scripting XSS vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0, 4.0.1, 4.0.2, and 5.0.0 allows remote attackers to inject arbitrary web script or HTML via a SOAP message, as demonstrated by the XML Firewall, Multi Protocol Gatew...
CVE-2013-0499
Cross-site scripting XSS vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0, 4.0.1, 4.0.2, and 5.0.0 allows remote attackers to inject arbitrary web script or HTML via a SOAP message, as demonstrated by the XML Firewall, Multi Protocol Gatew...
CVE-2010-1612
CVE-2010-1612 affects IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances prior to 3.8.0.0. The issue arises when using a QLOGIC Ethernet interface and involves processing malformed ...