Flash (Alert)
Abstract
A potential security exposure in the Java™ HashTable implementation can result in a denial of service (DoS).
Content
A security exposure was found in all versions of WebSphere Application Server that have shipped with WebSphere Commerce. Specially crafted HTTP request parameters can cause a large number of HashTable collisions. With too many collisions, performance is significantly impaired, which can lead to a denial of service.
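The following is an added example, not part of IBM's alert or fix: a Python check that a defender could run over logged query strings to flag requests whose parameter names pile up on one hash value. It assumes parameter names are hashed with Java's `String.hashCode()`; the thresholds, function names and sample query strings are constructed for illustration.

```python
from collections import Counter
from urllib.parse import parse_qsl

MAX_PARAMS = 1000    # hypothetical cap on parameters per request
MAX_SAME_HASH = 3    # hypothetical: distinct names allowed to share one hash


def java_string_hash(s: str) -> int:
    """java.lang.String.hashCode(): h = 31*h + unit over UTF-16 code units,
    wrapped to a signed 32-bit integer."""
    h = 0
    data = s.encode("utf-16-be")
    for i in range(0, len(data), 2):
        unit = (data[i] << 8) | data[i + 1]
        h = (31 * h + unit) & 0xFFFFFFFF
    return h - (1 << 32) if h & 0x80000000 else h


def inspect_query(query: str) -> dict:
    """Flag a query string with too many parameters or too many distinct
    parameter names that share the same hash code."""
    pairs = parse_qsl(query, keep_blank_values=True)
    names = {name for name, _ in pairs}  # repeated names are not collisions
    per_hash = Counter(java_string_hash(n) for n in names)
    worst = max(per_hash.values(), default=0)
    reasons = []
    if len(pairs) > MAX_PARAMS:
        reasons.append("too_many_parameters")
    if worst > MAX_SAME_HASH:
        reasons.append("parameter_name_hash_collisions")
    return {
        "parameters": len(pairs),
        "distinct_names": len(names),
        "worst_bucket": worst,
        "flagged": bool(reasons),
        "reasons": reasons,
    }


# Constructed sample inputs (not taken from any real log).
NORMAL_QUERY = "storeId=10001&catalogId=10051&langId=-1&productId=12345"
COLLIDING_QUERY = "AaAa=1&AaBB=2&BBAa=3&BBBB=4"

if __name__ == "__main__":
    for q in (NORMAL_QUERY, COLLIDING_QUERY):
        print(q, "->", inspect_query(q))
```

A check like this is useful for triage of access logs; it does not replace applying the vendor fix referenced in the Solution section.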
Solution
All customers should review the following WebSphere Application Server Flash (Alert) for the most up-to-date information:
Related information
A simplified Chinese translation is available
| Segment | Product | Component | Platform | Version | Edition |
|---|---|---|---|---|---|
| Commerce | WebSphere Commerce - Express | Security | i5/OS, Linux, Windows | 7.0, 6.0, 5.6.1, 5.6 | Express |
| Commerce | WebSphere Commerce Business Edition | Security | AIX, i5/OS, Linux, Solaris, Windows, OS/390 | 5.6.1, 5.6 | Business Edition |
| Commerce | WebSphere Commerce Professional Edition | Security | AIX, i5/OS, Linux, Solaris, Windows | 7.0, 6.0, 5.6.1, 5.6 | Professional Edition |