Vulnerability Description
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 7.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34131
- http://secunia.com/advisories/34461Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463Patch
- http://www.securityfocus.com/bid/34259
- http://www.vupen.com/english/advisories/2009/0854PatchVendor Advisory
- http://secunia.com/advisories/34131
- http://secunia.com/advisories/34461Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988
- http://www-01.ibm.com/support/docview.wss?uid=swg27014463Patch
- http://www.securityfocus.com/bid/34259
- http://www.vupen.com/english/advisories/2009/0854PatchVendor Advisory
FAQ
What is CVE-2009-1173?
CVE-2009-1173 is a vulnerability with a CVSS score of 2.1 (LOW). IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have ...
How severe is CVE-2009-1173?
CVE-2009-1173 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1173?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.