CVE-2009-0904
N/A
N/A
Summary
The IBM Stax XMLStreamWriter in the Web Services component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 does not properly process XML encoding, which allows remote attackers to bypass intended access restrictions and possibly modify data via "XML fuzzing attacks" sent through SOAP requests.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www-01.ibm.com/support/docview.wss?uid=swg27007951
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51490
- http://www.securityfocus.com/bid/35741
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK84015
References
- http://www-01.ibm.com/support/docview.wss?uid=swg27007951
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51490
- http://www.securityfocus.com/bid/35741
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK84015
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.