CVE-2009-2094

Name of the Vulnerable Software and Affected Versions IBM WebSphere Commerce version 6.0 before 6.0.0.8

Description The issue allows local users to obtain sensitive information when trace is enabled, although the exact vectors used for this are not specified.

Recommendations For IBM WebSphere Commerce version 6.0 before 6.0.0.8, update to version 6.0.0.8 or later to resolve the issue. As a temporary workaround, consider disabling the trace functionality until a patch is available.