Vulnerabilities > IBM > Websphere Application Server > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-22 | CVE-2005-3760 | Buffer Errors vulnerability in IBM Websphere Application Server 5.0 Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND). | 7.8 |
2005-06-03 | CVE-2005-1872 | Remote Security vulnerability in IBM Websphere Application Server 5.0 Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code. | 7.5 |
2001-12-06 | CVE-2001-0824 | Cross-Site Scripting vulnerability in IBM WebSphere Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. | 7.5 |
2001-09-19 | CVE-2001-0962 | Unspecified vulnerability in IBM products IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | 7.5 |
2000-06-08 | CVE-2000-0497 | Improper Handling of Case Sensitivity vulnerability in IBM Websphere Application Server 3.0.2 IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | 7.5 |
1999-12-02 | CVE-1999-0852 | Unspecified vulnerability in IBM Websphere Application Server 3.0 IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin. | 7.2 |