IBM Corporation Information for VU#466161
XML signature HMAC truncation authentication bypass
- Vendor Information Help Date Notified: 09 Jul 2009
- Statement Date: 14 Jul 2009
- Date Updated: 14 Jul 2009
IBM has issued the following Flash for WebSphere Application Server which describes resolutions available:
Possible security exposure with XML digital signature with IBM WebSphere Application Server (PK80596 and PK80627):
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.