A potential security exposure that can result in a denial of service
A security exposure was found in all versions of IHS which have shipped with WebSphere Commerce. This exploit allows HTTP requests using byte ranges to contain ranges larger than the size of the file being served. Performing a significant number of these requests can result in a denial of service.
All customers using IHS are recommended to review the following IHS Flash for the most up-to date information:
Potential security exposure with IBM HTTP Server 8.0 and earlier (PM46234) (CVE-2011-3192)
|Commerce||WebSphere Commerce - Express||Security||i5/OS, Linux, Windows||7.0, 6.0, 5.6.1, 5.6||Express|
|Commerce||WebSphere Commerce Business Edition||Security||AIX, i5/OS, Linux, Solaris, Windows, OS/390||5.6.1, 5.6||Business Edition|
|Commerce||WebSphere Commerce Professional Edition||Security||AIX, i5/OS, Linux, Solaris, Windows||7.0, 6.0, 5.6.1, 5.6||Professional Edition|