The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of WebSphere AS 5.1.1: several vulnerabilities

Synthesis of the vulnerability 

Several vulnerabilities of WebSphere AS permit an attacker to obtain information or to attack the service.
Vulnerable software: WebSphere AS Traditional.
Severity of this announce: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 27/04/2007.
Références of this computer vulnerability: CVE-2006-7198, PK26123, PK31722, PK34903, PK34909, VIGILANCE-VUL-6769.

Description of the vulnerability 

Several vulnerabilities were announced in WebSphere Application Server.

Here is an extract of changelog:
Deadlock in JMS component in WebSphere Application Server. [severity:2/4; PK34909]
When setting ping interval = 0 it causes high CPU usage. [severity:2/4; PK31722]
Potential security exposure. [severity:2/4; CVE-2006-7198, PK26123]
Make mutlithreaded client-sent soap headers thread-safe. [severity:2/4; PK34903]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This cybersecurity bulletin impacts software or systems such as WebSphere AS Traditional.

Our Vigil@nce team determined that the severity of this cybersecurity weakness is medium.

The trust level is of type confirmed by the editor, with an origin of internet client.

This bulletin is about 4 vulnerabilities.

An attacker with a expert ability can exploit this computer vulnerability bulletin.

Solutions for this threat 

WebSphere AS 5.1.1: Fix Pack 14.
Version 5.1.1.14 is corrected:
  http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24014996
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides applications vulnerabilities announces. The Vigil@nce vulnerability database contains several thousand vulnerabilities.