Vulnerability in Ibm Websphere_application_server
CVE-2009-0217
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2)…
EPSS: 0.063 (92.8th percentile) — read the EPSS interpretation.
Affected products
- Ibm Websphere_application_server — versions 6.0, 6.0.0.1, 6.0.0.2
- Mono_project Mono — versions 1.2.1, 1.2.2, 1.2.3
- Oracle Application_server — versions 10.1.2.3, 10.1.3.4, 10.1.4.3im
- Oracle Bea_product_suite — versions 8.1, 9.0, 9.1
- Oracle Weblogic_server_component — versions 8.1, 9.0, 9.1
- N/a — versions n/a
Public proof-of-concept exploits
References
- cret@cert.org (x_refsource_REDHAT, vendor-advisory)
- cret@cert.org (vdb-entry, x_refsource_VUPEN)
- cret@cert.org (x_refsource_CONFIRM)
- cret@cert.org (x_refsource_CONFIRM)
- cret@cert.org (x_refsource_SECUNIA, third-party-advisory)
- cret@cert.org (vendor-advisory, x_refsource_GENTOO)
- cret@cert.org (vendor-advisory, Patch, Vendor Advisory, x_refsource_AIXAPAR)
- cret@cert.org (x_refsource_REDHAT, vendor-advisory)
- cret@cert.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cret@cert.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
Frequently asked questions
- What is CVE-2009-0217?
- CVE-2009-0217 is a vulnerability in Ibm Websphere_application_server. Published 2009-07-14.
- Is CVE-2009-0217 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.