PT-2010-4165 · Ibm · Ibm Websphere Commerce Enterprise

Publicado

2010-12-06

Atualizado

2017-08-17

CVE-2010-2639

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Commerce Enterprise version 7.0 before 7.0.0.2

Description The issue allows remote attackers to read messages intended for other recipients via vectors involving access by the outbound messaging system to the RunTimeProfileCacheCmdImpl class, related to the caching of mutable objects and concurrency issues.

Recommendations For IBM WebSphere Commerce Enterprise version 7.0 before 7.0.0.2, update to version 7.0.0.2 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2010-2639

Produtos afetados

Ibm Websphere Commerce Enterprise

PT-2010-4165 · Ibm · Ibm Websphere Commerce Enterprise

CVE-2010-2639

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5