CVE-2009-0440
22.02.2009, 22:30
IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet (aka RNIF) document to a backend application, related to (1) "altered service content" and (2) "digital signature foot-print."Enginsight
Vendor | Product | Version |
---|---|---|
ibm | websphere_partner_gateway | 6.0.0 |
ibm | websphere_partner_gateway | 6.0.0.1 |
ibm | websphere_partner_gateway | 6.0.0.2 |
ibm | websphere_partner_gateway | 6.0.0.3 |
ibm | websphere_partner_gateway | 6.0.0.4 |
ibm | websphere_partner_gateway | 6.0.0.5 |
ibm | websphere_partner_gateway | 6.0.0.6 |
ibm | websphere_partner_gateway | 6.0.0.7 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References