IBM WebSphere Application Server Web Services Feature Pack Multiple Vulnerabilities
Last Update Date:
10 Nov 2011
Release Date:
8 Nov 2011
5948
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities have been identified in IBM WebSphere Application Server Web Services Feature Pack, which can be exploited by malicious people to cause a Denial of Service (DoS).
- WSRMModule holds on to AxisService references and eventually causes OutOfMemory error.
- org.apache.commons.logging.LogFactory retaining a reference to an SCAClassLoader cause OutOfMemory error.
- JAX-WS MTOM requests fail when trace is enabled.
- JAX-WS applications on Feature Pack for Web Services 6.1.0.37 might malfunction when webservices trace is enabled.
- Possible security vulnerability in WS-Security enabled JAX-WS applications.
Impact
- Denial of Service
System / Technologies affected
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download Fix Pack 41
http://www.ibm.com/support/docview.wss?rs=180&uid=swg24031034
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with