Skip to main content

IBM WebSphere Application Server Web Services Feature Pack Multiple Vulnerabilities

Last Update Date: 10 Nov 2011 Release Date: 8 Nov 2011 5948 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities have been identified in IBM WebSphere Application Server Web Services Feature Pack, which can be exploited by malicious people to cause a Denial of Service (DoS).

  1. WSRMModule holds on to AxisService references and eventually causes OutOfMemory error.
  2. org.apache.commons.logging.LogFactory retaining a reference to an SCAClassLoader cause OutOfMemory error.
  3. JAX-WS MTOM requests fail when trace is enabled.
  4. JAX-WS applications on Feature Pack for Web Services 6.1.0.37 might malfunction when webservices trace is enabled.
  5. Possible security vulnerability in WS-Security enabled JAX-WS applications.

Impact

  • Denial of Service

System / Technologies affected


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 


Vulnerability Identifier

  • No CVE information is available

Source


Related Link