CVE-2009-1901

The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits non-standard http methods, which has unknown impact and remote attack vectors.

Affected Software

Name	Vendor	Start Version	End Version
Websphere_application_server	Ibm	6.0.2	6.0.2
Websphere_application_server	Ibm	6.0.2.1	6.0.2.1
Websphere_application_server	Ibm	6.0.2.2	6.0.2.2
Websphere_application_server	Ibm	6.0.2.3	6.0.2.3
Websphere_application_server	Ibm	6.0.2.4	6.0.2.4
Websphere_application_server	Ibm	6.0.2.5	6.0.2.5
Websphere_application_server	Ibm	6.0.2.6	6.0.2.6
Websphere_application_server	Ibm	6.0.2.7	6.0.2.7
Websphere_application_server	Ibm	6.0.2.8	6.0.2.8
Websphere_application_server	Ibm	6.0.2.9	6.0.2.9
Websphere_application_server	Ibm	6.0.2.10	6.0.2.10
Websphere_application_server	Ibm	6.0.2.11	6.0.2.11
Websphere_application_server	Ibm	6.0.2.12	6.0.2.12
Websphere_application_server	Ibm	6.0.2.13	6.0.2.13
Websphere_application_server	Ibm	6.0.2.14	6.0.2.14
Websphere_application_server	Ibm	6.0.2.15	6.0.2.15
Websphere_application_server	Ibm	6.0.2.16	6.0.2.16
Websphere_application_server	Ibm	6.0.2.17	6.0.2.17
Websphere_application_server	Ibm	6.0.2.18	6.0.2.18
Websphere_application_server	Ibm	6.0.2.19	6.0.2.19
Websphere_application_server	Ibm	6.0.2.20	6.0.2.20
Websphere_application_server	Ibm	6.0.2.21	6.0.2.21
Websphere_application_server	Ibm	6.0.2.22	6.0.2.22
Websphere_application_server	Ibm	6.0.2.23	6.0.2.23
Websphere_application_server	Ibm	6.0.2.24	6.0.2.24
Websphere_application_server	Ibm	6.0.2.25	6.0.2.25
Websphere_application_server	Ibm	6.0.2.27	6.0.2.27
Websphere_application_server	Ibm	6.0.2.28	6.0.2.28
Websphere_application_server	Ibm	6.0.2.29	6.0.2.29
Websphere_application_server	Ibm	6.0.2.30	6.0.2.30
Websphere_application_server	Ibm	6.0.2.31	6.0.2.31
Websphere_application_server	Ibm	6.0.2.32	6.0.2.32
Websphere_application_server	Ibm	*	6.0.2.33

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-1901
CWE	https://cwe.mitre.org/data/definitions/NVD-noinfo.html

Affected Software

References