CVE-2011-1377 Information

Description

The Web Services Security component in the Web Services Feature Pack before 6.1.0.41 for IBM WebSphere Application Server (WAS) 6.1 does not properly handle the enabling of WS-Security for a JAX-WS application which has unspecified impact and attack vectors.

Reference

http://secunia.com/advisories/46469 http://www.securityfocus.com/bid/50310 http://www-01.ibm.com/support/docview.wss?uid=swg1PM43792 http://www-01.ibm.com/support/docview.wss?uid=swg1PM50205 http://www-01.ibm.com/support/docview.wss?uid=swg27011716 https://exchange.xforce.ibmcloud.com/vulnerabilities/72299