CVE-2009-0437
https://notcve.org/view.php?id=CVE-2009-0437
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file. El proceso de instalación de The Installation Factory en WebSphere Aplication Server (WAS) v6.0.2 en Windows, cuando WAS se registra como un servicio, permite a usuarios locales obtener información sensitiva leyendo los ficheros de registro logs/instconfigifwas6.log. • http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405 http://www.securityfocus.com/bid/33849 https://exchange.xforce.ibmcloud.com/vulnerabilities/48527 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2009-0391
https://notcve.org/view.php?id=CVE-2009-0391
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors. Una vulnerabilidad sin especificar en el IBM WebSphere Application Server (WAS) 6.0.1 en z/OS permite a los atacantes leer ficheros arbitrarios a través de vectores desconocidos. • http://osvdb.org/51663 http://secunia.com/advisories/33729 http://www-01.ibm.com/support/docview.wss?uid=swg1PK72036 http://www-01.ibm.com/support/docview.wss?uid=swg1PK79232 http://www.securityfocus.com/bid/33533 http://www.securitytracker.com/id?1021658 http://www.vupen.com/english/advisories/2009/0423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-5412
https://notcve.org/view.php?id=CVE-2008-5412
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438. Una vulnerabilidad no especificada en IBM WebSphere Application Server (WAS) versiones 7 y anteriores a 7.0.0.1 en Windows, presenta un impacto y vectores de ataque desconocidos relacionados con JSP. • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK75248 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47134 •
CVE-2008-5413
https://notcve.org/view.php?id=CVE-2008-5413
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434. PerfServlet en el componente PMI/Performance Tools en IBM WebSphere Application Server (WAS) versiones 7 anteriores a 7.0.0.1, permite a los atacantes obtener información confidencial mediante la lectura de los archivos (1) systemout.log y (2) ffdc. NOTA: esto es probablemente un duplicado de CVE-2009-0434. • http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK63886 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 http://www.vupen.com/english/advisories/2009/0423 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-5414
https://notcve.org/view.php?id=CVE-2008-5414
Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken." Vulnerabilidad sin especificar en el Feature Pack para Web Services en el componente Web Services Security en IBM WebSphere Application Server (WAS) 7 anterior a v7.0.0.1, tiene un impacto y vectores de ataque desconocidos, relacionados con "userNameToken". • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK67282 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47136 •