Vulnerabilities > IBM > Websphere Application Server > 7.0.0.36

DATE CVE VULNERABILITY TITLE RISK
2016-09-01 CVE-2016-0385 Information Exposure vulnerability in IBM Websphere Application Server
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.
network
high complexity
ibm CWE-200
3.1
3.1
2016-08-08 CVE-2016-2960 Improper Access Control vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x before 9.0.0.1 allows remote attackers to cause a denial of service via crafted SIP messages.
network
high complexity
ibm CWE-284
3.7
3.7
2016-07-03 CVE-2016-0359 Unspecified vulnerability in IBM Websphere Application Server
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 Full before 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
network
low complexity
ibm
6.1
6.1