>> IBM WebSphere Application Server Security Exposure Vulnerabilities
Title : IBM WebSphere Application Server Security Exposure Vulnerabilities VUPEN ID : VUPEN/ADV-2008-2566 CVE ID : CVE-2008-4111 - CVE-2009-0432 CWE ID : CWE-200
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-09-15
Technical Description
Two vulnerabilities have been identified in IBM WebSphere Application Server, which could be exploited to bypass security restrictions or gain knowledge of sensitive information.
The first issue is caused by an unspecified security exposure when the FileServing feature is enabled.
The second weakness is caused by an error in Wsadmin that may leave some previously encrypted properties unencrypted.
