|
[Japanese]
|
JVNDB-2011-000017
|
IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
|
|
IBM WebSphere Application Server (WAS) contains a denial-of-service (DoS) vulnerability.
IBM WebSphere Application Server contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).
According to the developer:
" For other IBM software products that contain an affected version of WAS, require an update. Specifically, WebSphere Process Server (WPS), WebSphere Enterprise Service Bus (WESB), WebSphere Virtual Enterprise (WVE), WebSphere Commerce and others are applicable. Also, IBM HTTP Server is not affected by this vulnerability."
|
|
CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Partial
|
|
|
IBM Corporation
- IBM WebSphere Application Server from V6.0 to V6.0.2.43
- IBM WebSphere Application Server from V6.1 to V6.1.0.35
- IBM WebSphere Application Server from V7.0 to V7.0.0.13
Hewlett-Packard Development Company, L.P
- HP Systems Insight Manager prior to v7.0
|
|
|
A remote attacker may cause a denial-of-service (DoS).
|
|
[Apply a patch]
Apply the appropriate patch according to the information provided by the developer.
|
|
IBM Corporation
Hewlett-Packard Development Company, L.P
NEC Corporation
- NEC Security Information : NV18-002 (in Japanese)
|
|
- Numeric Errors(CWE-189) [IPA Evaluation]
|
|
- CVE-2010-4476
|
|
- JVN : JVN#26301278
- National Vulnerability Database (NVD) : CVE-2010-4476
- Secunia Advisory : SA43295
- SecurityTracker : 1025062
|
|
- [2011/03/04]
Web page published
[2013/03/26]
Affected Products : Product was added (HPSBMU02769 SSRT100846)
Vendor Information : Content was added (HPSBMU02769 SSRT100846)
[2018/02/07]
Vendor Information : Content was added
|
