Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

5 matches found

CVE•added 2007/06/19 6:30 p.m.•44 views

CVE-2007-3263

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository."

10CVSS6.5AI score0.01349EPSS

CVE•added 2007/06/19 6:30 p.m.•39 views

CVE-2007-3262

Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak.

7.8CVSS6.6AI score0.02237EPSS

CVE•added 2007/06/19 6:30 p.m.•39 views

CVE-2007-3265

Cross-site scripting (XSS) vulnerability in the Samples component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.6AI score0.00649EPSS

CVE•added 2007/06/19 6:30 p.m.•38 views

CVE-2007-3264

Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors.

10CVSS6.4AI score0.01003EPSS

CVE•added 2007/06/26 5:30 p.m.•37 views

CVE-2007-3397

The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers to obtain sensitive information.

5CVSS6.3AI score0.00649EPSS