Search

Find a vulnerability

Search criteria

    7 vulnerabilities found for HP Systems Insight Manager by Hewlett-Packard Development Company,L.P

    JVNDB-2011-000035

    Vulnerability from jvndb - Published: 2011-06-10 16:23 - Updated:2013-03-26 15:14
    Severity
    N/A (UNKNOWN) - -
    Summary
    Java Web Start may insecurely load dynamic libraries
    Details
    Java Web Start provided Oracle may use unsafe methods for determining how to load DLLs. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Hisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000035.html",
      "dc:date": "2013-03-26T15:14+09:00",
      "dcterms:issued": "2011-06-10T16:23+09:00",
      "dcterms:modified": "2013-03-26T15:14+09:00",
      "description": "Java Web Start provided Oracle may use unsafe methods for determining how to load DLLs.\r\n\r\nJava Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nHisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000035.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jdk",
          "@product": "JDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jre",
          "@product": "JRE",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:sdk",
          "@product": "SDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000035",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN18680611/index.html",
          "@id": "JVN#18680611",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866",
          "@id": "CVE-2011-0866",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0866",
          "@id": "CVE-2011-0866",
          "@source": "NVD"
        },
        {
          "#text": "http://www.ipa.go.jp/security/english/vuln/201106_javaweb_en.html",
          "@id": "Security Alert for Multiple Vulnerabilities in Java Web Start",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Java Web Start may insecurely load dynamic libraries"
    }

    JVNDB-2011-000034

    Vulnerability from jvndb - Published: 2011-06-10 16:23 - Updated:2013-03-26 14:46
    Severity
    N/A (UNKNOWN) - -
    Summary
    Java Web Start may insecurely load settings files
    Details
    Java Web Start provided Oracle may use unsafe methods for determining how to load settings files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the file search path, which may insecurely load settings files. Hisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000034.html",
      "dc:date": "2013-03-26T14:46+09:00",
      "dcterms:issued": "2011-06-10T16:23+09:00",
      "dcterms:modified": "2013-03-26T14:46+09:00",
      "description": "Java Web Start provided Oracle may use unsafe methods for determining how to load settings files.\r\n\r\nJava Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the file search path, which may insecurely load settings files.\r\n\r\nHisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000034.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jdk",
          "@product": "JDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jre",
          "@product": "JRE",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000034",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN09206238/index.html",
          "@id": "JVN#09206238",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786",
          "@id": "CVE-2011-0786",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0786",
          "@id": "CVE-2011-0786",
          "@source": "NVD"
        },
        {
          "#text": "http://www.ipa.go.jp/security/english/vuln/201106_javaweb_en.html",
          "@id": "Security Alert for Multiple Vulnerabilities in Java Web Start",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Java Web Start may insecurely load settings files"
    }

    JVNDB-2011-000033

    Vulnerability from jvndb - Published: 2011-06-10 16:22 - Updated:2013-03-29 14:50
    Severity
    N/A (UNKNOWN) - -
    Summary
    Java Web Start may insecurely load policy files
    Details
    Java Web Start provided Oracle may use unsafe methods for determining how to load policy files. Java Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the file search path, which may insecurely load policy files. Hisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000033.html",
      "dc:date": "2013-03-29T14:50+09:00",
      "dcterms:issued": "2011-06-10T16:22+09:00",
      "dcterms:modified": "2013-03-29T14:50+09:00",
      "description": "Java Web Start provided Oracle may use unsafe methods for determining how to load policy files.\r\n\r\nJava Web Start is tool to distribute Java applications over the web and is contained in Java applications such as JRE (Java Runtime Environment) Java Web Start contains an issue with the file search path, which may insecurely load policy files.\r\n\r\nHisashi Kojima of Fujitsu Laboratories, Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000033.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jdk",
          "@product": "JDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jre",
          "@product": "JRE",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000033",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN29212182/index.html",
          "@id": "JVN#29212182",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0788",
          "@id": "CVE-2011-0788",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0788",
          "@id": "CVE-2011-0788",
          "@source": "NVD"
        },
        {
          "#text": "http://www.ipa.go.jp/security/english/vuln/201106_javaweb_en.html",
          "@id": "Security Alert for Multiple Vulnerabilities in Java Web Start",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Java Web Start may insecurely load policy files"
    }

    JVNDB-2011-000020

    Vulnerability from jvndb - Published: 2011-03-10 16:38 - Updated:2018-02-07 17:10
    Severity
    N/A (UNKNOWN) - -
    Summary
    IBM Tivoli vulnerable to denial-of-service (DoS)
    Details
    IBM Tivoli contains a denial-of-service (DoS) vulnerability. IBM Tivoli contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE). A wide range of products are affected. For more information, refer to the vendor's website.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000020.html",
      "dc:date": "2018-02-07T17:10+09:00",
      "dcterms:issued": "2011-03-10T16:38+09:00",
      "dcterms:modified": "2018-02-07T17:10+09:00",
      "description": "IBM Tivoli contains a denial-of-service (DoS) vulnerability.\r\n\r\nIBM Tivoli contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).\r\n\r\nA wide range of products are affected. For more information, refer to the vendor\u0027s website.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000020.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jdk",
          "@product": "JDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:jre",
          "@product": "JRE",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:sun:sdk",
          "@product": "SDK",
          "@vendor": "Sun Microsystems, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000020",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN81294135/index.html",
          "@id": "JVN#81294135",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2011-02/index.html",
          "@id": "JVNTR-2011-02",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securitytracker.com/id?1025062",
          "@id": "1025062",
          "@source": "SECTRACK"
        },
        {
          "#text": "http://secunia.com/advisories/43295",
          "@id": "SA43295",
          "@source": "SECUNIA-R"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-189",
          "@title": "Numeric Errors(CWE-189)"
        }
      ],
      "title": "IBM Tivoli vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2011-000016

    Vulnerability from jvndb - Published: 2011-03-04 19:29 - Updated:2018-02-07 17:10
    Severity
    N/A (UNKNOWN) - -
    Summary
    IBM DB2 vulnerable to denial-of-service (DoS)
    Details
    IBM DB2 contains a denial-of-service (DoS) vulnerability. IBM DB2 contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000016.html",
      "dc:date": "2018-02-07T17:10+09:00",
      "dcterms:issued": "2011-03-04T19:29+09:00",
      "dcterms:modified": "2018-02-07T17:10+09:00",
      "description": "IBM DB2 contains a denial-of-service (DoS) vulnerability.\r\n\r\nIBM DB2 contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000016.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:db2",
          "@product": "IBM DB2",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000016",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN16308183/index.html",
          "@id": "JVN#16308183",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2011-02/index.html",
          "@id": "JVNTR-2011-02",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/43295",
          "@id": "SA43295",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securitytracker.com/id?1025062",
          "@id": "1025062",
          "@source": "SECTRACK"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-189",
          "@title": "Numeric Errors(CWE-189)"
        }
      ],
      "title": "IBM DB2 vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2011-000017

    Vulnerability from jvndb - Published: 2011-03-04 19:29 - Updated:2018-02-07 17:10
    Severity
    N/A (UNKNOWN) - -
    Summary
    IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
    Details
    IBM WebSphere Application Server (WAS) contains a denial-of-service (DoS) vulnerability. IBM WebSphere Application Server contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE). According to the developer: " For other IBM software products that contain an affected version of WAS, require an update. Specifically, WebSphere Process Server (WPS), WebSphere Enterprise Service Bus (WESB), WebSphere Virtual Enterprise (WVE), WebSphere Commerce and others are applicable. Also, IBM HTTP Server is not affected by this vulnerability."
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000017.html",
      "dc:date": "2018-02-07T17:10+09:00",
      "dcterms:issued": "2011-03-04T19:29+09:00",
      "dcterms:modified": "2018-02-07T17:10+09:00",
      "description": "IBM WebSphere Application Server (WAS) contains a denial-of-service (DoS) vulnerability.\r\n\r\nIBM WebSphere Application Server contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).\r\n\r\nAccording to the developer:\r\n\r\n\" For other IBM software products that contain an affected version of WAS, require an update. Specifically, WebSphere Process Server (WPS), WebSphere Enterprise Service Bus (WESB), WebSphere Virtual Enterprise (WVE), WebSphere Commerce and others are applicable. Also, IBM HTTP Server is not affected by this vulnerability.\"",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000017.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:websphere_application_server",
          "@product": "IBM WebSphere Application Server",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000017",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN26301278/index.html",
          "@id": "JVN#26301278",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2011-02/index.html",
          "@id": "JVNTR-2011-02",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/43295",
          "@id": "SA43295",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securitytracker.com/id?1025062",
          "@id": "1025062",
          "@source": "SECTRACK"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-189",
          "@title": "Numeric Errors(CWE-189)"
        }
      ],
      "title": "IBM WebSphere Application Server vulnerable to denial-of-service (DoS)"
    }

    JVNDB-2011-000018

    Vulnerability from jvndb - Published: 2011-03-04 19:28 - Updated:2018-02-07 17:10

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000018.html",
      "dc:date": "2018-02-07T17:10+09:00",
      "dcterms:issued": "2011-03-04T19:28+09:00",
      "dcterms:modified": "2018-02-07T17:10+09:00",
      "description": "IBM Lotus product line contains a denial-of-service (DoS) vulnerability.\r\n\r\nIBM Lotus product line contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000018.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:hp:systems_insight_manager",
          "@product": "HP Systems Insight Manager",
          "@vendor": "Hewlett-Packard Development Company,L.P",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:ibm_forms",
          "@product": "IBM Forms",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:ibm_mashup_center",
          "@product": "IBM Mashup Center",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_activeinsight",
          "@product": "Lotus ActiveInsight",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_connections",
          "@product": "Lotus Connections",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_expeditor",
          "@product": "IBM Lotus Expeditor",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_mashups",
          "@product": "Lotus Mashups",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_quickr",
          "@product": "IBM Lotus Quickr",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_sametime_advanced",
          "@product": "Lotus Sametime Advanced",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_sametime_standard",
          "@product": "Lotus Sametime Standard",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_sametime_unified_telephony",
          "@product": "Lotus Sametime Unified Telephony",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_web_content_management",
          "@product": "Lotus Web Content Management",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:lotus_workforce_management",
          "@product": "Lotus Workforce Management",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:websphere_dashboard_framework",
          "@product": "IBM WebSphere Dashboard Framework",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:websphere_portlet_factory",
          "@product": "WebSphere Portlet Factory",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ibm:workplace_web_content_management",
          "@product": "Workplace Web Content Management",
          "@vendor": "IBM Corporation",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000018",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN97334690/index.html",
          "@id": "JVN#97334690",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2011-02/index.html",
          "@id": "JVNTR-2011-02",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4476",
          "@id": "CVE-2010-4476",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/43295",
          "@id": "SA43295",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securitytracker.com/id?1025062",
          "@id": "1025062",
          "@source": "SECTRACK"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-189",
          "@title": "Numeric Errors(CWE-189)"
        }
      ],
      "title": "IBM Lotus vulnerable to denial-of-service (DoS)"
    }