CVE-2009-0503

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Message Broker
Vendor: CVE Published:; 13 February 2009

Summary

IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.

References

http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg2...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2009/0460

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1021735

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 13, 2009
Vulnerability Reserved
Feb 10, 2009