CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2009-2741
https://notcve.org/view.php?id=CVE-2009-2741
Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en la aplicación wberuntimeear en el servlet de prueba en IBM WebSphere Business Events v6.1 y v6.2 que permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56367 https://exchange.xforce.ibmcloud.com/vulnerabilities/53189 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2009-3159
https://notcve.org/view.php?id=CVE-2009-3159
Unspecified vulnerability in the rriDecompress function in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 allows remote attackers to cause a denial of service via unknown vectors. Vulnerabilidad sin especificar en la función rriDecompress function de IBM WebSphere MQ v7.0.0.0, v7.0.0.1 v7.0.0.2 permite a atacantes remotos provocar una denegación de servicio a través de vectores de ataque desconocidos. • http://secunia.com/advisories/36647 http://www-01.ibm.com/support/docview.wss?uid=swg24024153 http://www-1.ibm.com/support/docview.wss?uid=swg1IC62450 http://www.securityfocus.com/bid/36310 http://www.vupen.com/english/advisories/2009/2578 •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2009-3160
https://notcve.org/view.php?id=CVE-2009-3160
IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue. IBM WebSphere MQ v6.x desde v6.0.2.7, v7.0.0.0, v7.0.0.1, v7.0.0.2, y v7.0.1.0, cuando "read ahead" o "asynchronous message consumption" esta activado, permite a atacantes remotos obtener un impacto desconocido a traves de vectores desconocidos, relacionado con la sobrescritura de memoria. • http://secunia.com/advisories/36647 http://www-01.ibm.com/support/docview.wss?uid=swg24024153 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259 http://www.securityfocus.com/bid/36310 http://www.vupen.com/english/advisories/2009/2578 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2009-3161
https://notcve.org/view.php?id=CVE-2009-3161
The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows attackers to cause a denial of service (trap) or possibly have unspecified other impact via malformed data. El servidor IBM WebSphere MQ v7.0.0.1, v7.0.0.2, y v7.0.1.0 permite a los atacantes causar una denegación de servicio (compuerta) o posiblemente otro impacto no especificado a través de datos mal formados. • http://secunia.com/advisories/36647 http://www-01.ibm.com/support/docview.wss?uid=swg24024153 http://www-1.ibm.com/support/docview.wss?uid=swg1IC62164 http://www.securityfocus.com/bid/36310 http://www.vupen.com/english/advisories/2009/2578 •
CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0CVE-2009-3106
https://notcve.org/view.php?id=CVE-2009-3106
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.37 does not properly implement security constraints on the (1) doGet and (2) doTrace methods, which allows remote attackers to bypass intended access restrictions and obtain sensitive information via a crafted HTTP HEAD request to a Web Application. El componente Servlet Engine/Web Container en IBM WebSphere Application Server (WAS) v6.0.2 anterior a v6.0.2.37, no implementa adecuadamente las restricciones de seguridad sobre los métodos (1) doGet y (2) doTrace, lo que permite a atacantes remotos evitar las restricciones de acceso intencionadas y obtener información sensible a través de una petición de cabecera (HEAD) HTTP a la Aplicación Web. • http://www-01.ibm.com/support/docview.wss?uid=swg27006876 http://www-1.ibm.com/support/docview.wss?uid=swg1PK83258 https://exchange.xforce.ibmcloud.com/vulnerabilities/53051 • CWE-264: Permissions, Privileges, and Access Controls •