• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IBM WebSphere Application Server WebContainer HTTP Request Header Security Weakness

Attackers can use Flash to exploit this issue.

The following proof-of-concept code was released for a similar weakness covered in BID 19661 (Apache HTTP Server Arbitrary HTTP Request Headers Security Weakness). The code has not been tested against IBM WebSphere Application Server but will likely work to demonstrate the issue.

• /data/vulnerabilities/exploits/19661.html