IBM WebSphere Application Server Lets Remote Users Spoof Servlets : 8/19/2015 1:58:05 PM

Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >>
From our sponsors
 

 

Vulnerability Databse
This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text.

IBM WebSphere Application Server Lets Remote Users Spoof Servlets
8/19/2015 12:00:00 AM

IBM WebSphere Application Server Lets Remote Users Spoof Servlets
SecurityTracker Alert ID:  1033324
SecurityTracker URL:  http://securitytracker.com/id/1033324
CVE Reference:   CVE-2015-4938   (Links to External Site)
Date:  Aug 19 2015
Impact:   Disclosure of user information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7, 8, 8.5
Description:   A vulnerability was reported in IBM WebSphere Application Server. A remote user can spoof servlets.

This can be exploited to persuade the target user to enter potentially sensitive information.

Impact:   A remote user can spoof a server.
Solution:   The vendor has issued a fix (APAR PI37396).

The vendor's advisory is available at:

http://www-01.ibm.com/support/docview.wss?uid=swg21963275

Vendor URL:  www-01.ibm.com/support/docview.wss?uid=swg21963275 (Links to External Site)
Cause:   Not specified
Underlying OS:   Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any), z/OS

Message History:   None.

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

Diberdayakan oleh Blogger.