Systems Affected
- WebSphere Commerce versions 6.0 Feature Pack 2 - 5
- WebSphere Commerce versions 7.0.0.0 - 7.0.0.7
- WebSphere Commerce versions 7.0 Feature Pack 1 - 7
Threat Level
Overview
A vulnerability has been reported in IBM WebSphere Commerce Enterprise, Professional, Express, and Developer editions which could be exploited by an attacker to cause denial of service conditions.
Description
This vulnerability is caused by improper handling of 'id' parameter values.
An attacker could exploit this vulnerability by sending a specially crafted value of the 'id' parameter, causing disproportionate consumption of resources and crashing the system.
Impact
Solution/Workarounds
- Update to the latest version of Mozilla Firefox on Windows, Linux and Mac.
References
http://www.cert-in.org.in/
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.