Vulnerability Details CVE-2009-1173
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.8%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/34131
- http://secunia.com/advisories/34461
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463
- http://www.securityfocus.com/bid/34259
- http://www.vupen.com/english/advisories/2009/0854
- http://secunia.com/advisories/34131
- http://secunia.com/advisories/34461
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463
- http://www.securityfocus.com/bid/34259
- http://www.vupen.com/english/advisories/2009/0854
Products affected by CVE-2009-1173
-
cpe:2.3:a:ibm:websphere_application_server:7.0
-
cpe:2.3:a:ibm:websphere_application_server:7.0.0.1