Potential security vulnerability due to Java HashTable implementation (CVE-2012-0193)

Flash (Alert)


Abstract

A potential security exposure exists due to the Java™ HashTable implementation, which can result in a Denial of Service (DoS).

Content

A security exposure was found in all versions of WebSphere Application Server that have shipped with WebSphere Commerce. Specially crafted HTTP request parameters can cause a large number of HashTable collisions. With too many collisions, performance is significantly impaired, which can lead to a denial of service.
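As an added illustration (not part of the IBM alert and not IBM code), the following detection sketch flags a request whose parameter names concentrate on a single Java `String.hashCode()` value, which is the collision condition described above. The function names, the threshold of 3 and both sample query strings are assumptions constructed for this example.

```python
from collections import Counter
from urllib.parse import parse_qsl


def java_string_hash(s: str) -> int:
    """Reproduce Java's String.hashCode(): h = 31*h + code unit, over
    UTF-16 code units, wrapped to a signed 32-bit integer."""
    data = s.encode("utf-16-be", "surrogatepass")
    h = 0
    for i in range(0, len(data), 2):
        unit = (data[i] << 8) | data[i + 1]
        h = (31 * h + unit) & 0xFFFFFFFF
    return h - (1 << 32) if h & 0x80000000 else h


def collision_report(query: str, max_same_hash: int = 3):
    """Inspect one query string or form body.

    Returns (suspicious, worst_hash, count), where count is the number of
    distinct parameter names sharing the most common hash value. Names with
    an identical hashCode land in the same bucket whatever the table size.
    max_same_hash is an assumed threshold, tune it against real traffic.
    """
    names = {name for name, _ in parse_qsl(query, keep_blank_values=True)}
    if not names:
        return (False, None, 0)
    counts = Counter(java_string_hash(n) for n in names)
    worst_hash, count = counts.most_common(1)[0]
    return (count > max_same_hash, worst_hash, count)


# Constructed sample inputs (not taken from real traffic).
NORMAL = "storeId=10001&catalogId=10051&langId=-1&productId=12345"
COLLIDING = "AaAa=1&AaBB=1&BBAa=1&BBBB=1&storeId=10001"

if __name__ == "__main__":
    for label, query in (("normal", NORMAL), ("colliding", COLLIDING)):
        print(label, collision_report(query))
```

Run over access logs or in a request filter, a check like this separates ordinary requests from ones whose parameter names were chosen to share a hash value.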

Solution

All customers should review the following WebSphere Application Server Flash (Alert) for the most up-to-date information:

Potential security vulnerability when using Web based applications on IBM WebSphere Application Server due to Java HashTable implementation vulnerability (PM53930)


Related information

A simplified Chinese translation is available

Cross reference information
| Segment | Product | Component | Platform | Version | Edition |
| --- | --- | --- | --- | --- | --- |
| Commerce | WebSphere Commerce - Express | Security | i5/OS, Linux, Windows | 7.0, 6.0, 5.6.1, 5.6 | Express |
| Commerce | WebSphere Commerce Business Edition | Security | AIX, i5/OS, Linux, Solaris, Windows, OS/390 | 5.6.1, 5.6 | Business Edition |
| Commerce | WebSphere Commerce Professional Edition | Security | AIX, i5/OS, Linux, Solaris, Windows | 7.0, 6.0, 5.6.1, 5.6 | Professional Edition |


Document information


More support for: WebSphere Commerce Enterprise, Security

Software version: 6.0, 7.0

Operating system(s): AIX, Linux, Solaris, Windows, i5/OS

Software edition: Enterprise

Reference #: 1578592

Modified date: 2012-01-18
