CVE-2008-5257

Published: Nov 27, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.

Affected (1)

Products: Ibm: Tivoli Access Manager For E Business

Ibm

1 product

Tivoli Access Manager For E Business

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Tivoli Access Manager For E Business	Version 6.0.0.17

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://secunia.com/advisories/32755

Source: cve@mitre.org

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611

Source: cve@mitre.org

Patch

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270

Source: cve@mitre.org

http://www.securityfocus.com/bid/32461

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/46821

Source: cve@mitre.org

http://secunia.com/advisories/32755