CVE-2011-1313

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 6.1.0.x through 6.1.0.34 IBM WebSphere Application Server versions 7.x through 7.0.0.14

Description A double free issue allows remote backend IIOP servers to cause a denial of service, resulting in a S0C4 ABEND and storage corruption. This can occur when IIOP requests are rejected at specific time instants, such as during an ORB Request::getACRWorkElementPtr function call.

Recommendations For IBM WebSphere Application Server versions 6.1.0.x through 6.1.0.34, update to version 6.1.0.35 or later. For IBM WebSphere Application Server versions 7.x through 7.0.0.14, update to version 7.0.0.15 or later.