CVE-2010-1650 Information

Description

IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11 when the -trace option (aka debugging mode) is enabled executes debugging statements that print string representations of unspecified objects which allows attackers to obtain sensitive information by reading the trace output.

Reference

http://secunia.com/advisories/39628 http://www.vupen.com/english/advisories/2010/0994 http://www-01.ibm.com/support/docview.wss?uid=swg1PM06839 http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247 https://exchange.xforce.ibmcloud.com/vulnerabilities/58323