CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2009-0435
https://notcve.org/view.php?id=CVE-2009-0435
Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libibmaio) library in the Java Message Service (JMS) component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.17 on AIX 5.3 allows attackers to cause a denial of service (daemon crash) via vectors related to the aio_getioev2 and getEvent methods. Vulnerabilidad inespecifica en la libreria IBM Asynchronous I/O (tambien conocido como AIO o libibmaio) en el componente Java Message Service (JMS) en IBM WebSphere Application Server (WAS) v6.1.x anteriores a v6.1.0.7 en AIX v5.3 permite a los atacantes producir una denegacion de servicio (caida de demonio) a traves de vectores relacionados con los metodos "aio_getioev2" y "getEvent". • http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24019205 http://www-01.ibm.com/support/docview.wss?uid=swg27007951 http://www.securityfocus.com/bid/33700 https://exchange.xforce.ibmcloud.com/vulnerabilities/48525 •
CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0437
https://notcve.org/view.php?id=CVE-2009-0437
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file. El proceso de instalación de The Installation Factory en WebSphere Aplication Server (WAS) v6.0.2 en Windows, cuando WAS se registra como un servicio, permite a usuarios locales obtener información sensitiva leyendo los ficheros de registro logs/instconfigifwas6.log. • http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405 http://www.securityfocus.com/bid/33849 https://exchange.xforce.ibmcloud.com/vulnerabilities/48527 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0391
https://notcve.org/view.php?id=CVE-2009-0391
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors. Una vulnerabilidad sin especificar en el IBM WebSphere Application Server (WAS) 6.0.1 en z/OS permite a los atacantes leer ficheros arbitrarios a través de vectores desconocidos. • http://osvdb.org/51663 http://secunia.com/advisories/33729 http://www-01.ibm.com/support/docview.wss?uid=swg1PK72036 http://www-01.ibm.com/support/docview.wss?uid=swg1PK79232 http://www.securityfocus.com/bid/33533 http://www.securitytracker.com/id?1021658 http://www.vupen.com/english/advisories/2009/0423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-5412
https://notcve.org/view.php?id=CVE-2008-5412
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438. Una vulnerabilidad no especificada en IBM WebSphere Application Server (WAS) versiones 7 y anteriores a 7.0.0.1 en Windows, presenta un impacto y vectores de ataque desconocidos relacionados con JSP. • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK75248 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47134 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5413
https://notcve.org/view.php?id=CVE-2008-5413
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434. PerfServlet en el componente PMI/Performance Tools en IBM WebSphere Application Server (WAS) versiones 7 anteriores a 7.0.0.1, permite a los atacantes obtener información confidencial mediante la lectura de los archivos (1) systemout.log y (2) ffdc. NOTA: esto es probablemente un duplicado de CVE-2009-0434. • http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK63886 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 http://www.vupen.com/english/advisories/2009/0423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •