CVE-2011-2754
https://notcve.org/view.php?id=CVE-2011-2754
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en PageBuilder2 (Page Builder aka) en IBM WebSphere Portal v7.0.0.1 7.x antes de CF006, como el usado en IBM Content Manager Web (WCM) y otros productos, permite a atacantes remotos inyectar arbitrariamente web script o HTML a través de vectores no especificados. • http://secunia.com/advisories/45106 http://www.ibm.com/support/docview.wss?uid=swg21503959 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-2173
https://notcve.org/view.php?id=CVE-2011-2173
The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests. La implementación de objetos OutputMediator en IBM WebSphere Portal v6.0.1.7, v7.0.0.1 y anteriores a CF002, permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria) a través de peticiones. • http://www-01.ibm.com/support/docview.wss?uid=swg1PM33432 http://www.ibm.com/support/docview.wss?uid=swg24029452 https://exchange.xforce.ibmcloud.com/vulnerabilities/67687 • CWE-399: Resource Management Errors •
CVE-2011-0679
https://notcve.org/view.php?id=CVE-2011-0679
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message." IBM WebSphere Portal v6.0.1.1 hasta v7.0.0.0, como el utilizado en IBM Lotus Web Content Management (WCM) e IBM Lotus Quickr para WebSphere Portal, permite a atacantes remotos obtener información sensible a través de un "mensaje modificado." • http://osvdb.org/70688 http://secunia.com/advisories/43081 http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159 http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167 http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319 http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320 http://www-01.ibm.com/support/docview.wss? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2009-1010
https://notcve.org/view.php?id=CVE-2009-1010
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-2009-1008. • http://osvdb.org/53749 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVE-2009-1008
https://notcve.org/view.php?id=CVE-2009-1008
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-2009-1010. • http://osvdb.org/53747 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •