Direct links to fixes
7.0.0-WS-WCServer-FP009
WebSphere Commerce Version 7.0.0.2 Fix Pack
WebSphere Commerce Version 6.0.0.11 Fix Pack
WebSphere Commerce Version 7.0.0.4 Fix Pack
WebSphere Commerce Version 7.0.0.3 Fix Pack
WebSphere Commerce Version 7.0.0.5 Fix Pack
WebSphere Commerce Version 7.0.0.6 Fix Pack
WebSphere Commerce Version 7.0.0.7 Fix Pack
WebSphere Commerce Version 7.0.0.8 Fix Pack
WebSphere Commerce Version 7.0.0.9 Fix Pack
JR38114: Potential security exposure in the outbound messaging system
APAR status
Closed as program error.
Error description
When the outbound messaging system accesses the RunTimeProfileCacheCmdImpl class in IBM WebSphere Commerce there is a potential security exposure.
Local fix
Problem summary
USERS AFFECTED: All WebSphere Commerce users on v7.0 using the outbound messaging system. PROBLEM ABSTRACT: WebSphere Commerce class RunTimeProfileCacheCmdImpl has a potential security exposure. BUSINESS IMPACT: This issue may prevent outgoing messages from being sent properly. RECOMMENDATION: Download and install the interim fix from Fix Central
Problem conclusion
This code change resolves known concurrency issues with the RunTimeProfileCacheCmdImpl class in WebSphere Commerce. ------------------------------------------------------------- The latest available maintenance information can be obtained from the Recommended Fixes for WebSphere Commerce technote: http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296 ------------------------------------------------------------- The latest available maintenance information can be obtained from the Recommended Fixes for WebSphere Commerce technote: http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296
Temporary fix
Comments
APAR Information
APAR number
JR38114
Reported component name
WC BUS EDITION
Reported component ID
5724I3800
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-10-26
Closed date
2010-11-04
Last modified date
2010-11-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WC BUS EDITION
Fixed component ID
5724I3800
Applicable component levels
R600 PSY
UP
R700 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSYL","label":"WebSphere Commerce Enterprise"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
04 November 2010