3 matches found
CVE-2009-0440
IBM WebSphere Partner Gateway (WPG) 6.0.0–6.0.0.7 is affected by a flaw where failures in signature verification are not handled properly. This could allow remote authenticated users to submit a crafted RosettaNet (RNIF) document to a backend application,涉及 (1) altered service content and (2) dig...
CVE-2009-2093
CVE-2009-2093 affects IBM WebSphere Partner Gateway (WPG) Enterprise versions 6.0 (before FP8), 6.1 (before FP3), 6.1.1 (before FP2), and 6.2 (before FP1). The issue is a SQL injection in the console that allows remote authenticated users to execute arbitrary SQL commands through unspecified vect...
CVE-2009-0897
The CVE-2009-0897 pertains to IBM WebSphere Partner Gateway (WPG) versions 6.1.0 prior to 6.1.0.1 and 6.1.1 prior to 6.1.1.1. It enables remote authenticated users to disclose sensitive information via vectors related to the schema DB2 instance id and the bcgarchive (archiver script). Affected co...