Vigil@nce - WebSphere AS 7: two vulnerabilities
June 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can obtain information or generate a denial of service
via Websphere Application Server.
Severity: 2/4
Creation date: 21/06/2010
DESCRIPTION OF THE VULNERABILITY
Two vulnerabilities were announced in Websphere Application Server.
An attacker can send a malformed message, in order to read a file
or to generate a denial of service via JAX-WS/JAX-RS.
[severity:2/4; CVE-2010-1632, PM14844]
An unknown vulnerability impacts WebSphere Application Server.
[severity:1/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WebSphere-AS-7-two-vulnerabilities-9718