CVE Vulnerabilities

CVE-2011-1313

Published: Mar 08, 2011 | Modified: Apr 07, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Double free vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service (S0C4 ABEND and storage corruption) by rejecting IIOP requests at opportunistic time instants, as demonstrated by requests associated with an ORB_Request::getACRWorkElementPtr function call.

Affected Software

Name Vendor Start Version End Version
Websphere_application_server Ibm 6.1.0.21 6.1.0.21
Websphere_application_server Ibm 6.1.0.31 6.1.0.31
Websphere_application_server Ibm 6.1.0.19 6.1.0.19
Websphere_application_server Ibm 6.1.0.2 6.1.0.2
Websphere_application_server Ibm 6.1.0.33 6.1.0.33
Websphere_application_server Ibm 6.1.0.25 6.1.0.25
Websphere_application_server Ibm 6.1.0.11 6.1.0.11
Websphere_application_server Ibm 6.1.0.9 6.1.0.9
Websphere_application_server Ibm 6.1.0.0 6.1.0.0
Websphere_application_server Ibm 6.1.0.1 6.1.0.1
Websphere_application_server Ibm 6.1.0.27 6.1.0.27
Websphere_application_server Ibm 6.1.0.29 6.1.0.29
Websphere_application_server Ibm 6.1.0.7 6.1.0.7
Websphere_application_server Ibm 6.1.0.3 6.1.0.3
Websphere_application_server Ibm 6.1.0.17 6.1.0.17
Websphere_application_server Ibm 6.1.0.15 6.1.0.15
Websphere_application_server Ibm 6.1.0.23 6.1.0.23
Websphere_application_server Ibm 6.1.0 6.1.0
Websphere_application_server Ibm 6.1.0.5 6.1.0.5
Websphere_application_server Ibm 6.1.0.12 6.1.0.12

References