English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 22515
À§Çèµµ 40
Æ÷Æ® 8880, ...
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù WWW
»ó¼¼¼³¸í ÇØ´ç È£½ºÆ®¿¡´Â 7.0.0.15 ÀÌÀüÀÇ IBM WebSphere Application ¼­¹öÀÇ ¾î¶² ¹öÀüÀÌ ÇØ´ç È£½ºÆ®¿¡ °¡µ¿ ÁßÀÌ´Ù. IBM WebSphere Application Server 7.0.0.15 ÀÌÀüÀÇ 7.0 ¹öÀüµéÀº ´ÙÁßÀÇ Ãë¾àÁ¡µé¿¡ Ãë¾àÇÑ °ÍÀ¸·Î º¸°í µÇ¾ú´Ù.

- BBOOORBR control block ¿¡¼­ ¼­ºñ½º °ÅºÎ°¡ ¹ß»ýÇÒ ¼ö ÀÖ´Â Double free ¿¡·¯°¡ Á¸ÀçÇÑ´Ù.
- À¥ ÄÁÅ×À̳ʿ¡ cross-site scripting Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- Lightweight third-party ÀÎÁõÀ» »ç¿ëÇÔÀ¸·Î½á DoS ¿¡ ºüÁú ¼ö ÀÖ´Â Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- wsadmin ¸í·ÉÀÇ ÆĶó¹ÌÅÍ°¡ trace ÆÄÀÏ¿¡ Æ÷ÇԵǾî ÀÖ¾î Á¤º¸ À¯Ãâ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- 'com.ibm.ws.jsp.runtime.WASJSPStrBufferImpl' ¿¡ memory leak Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- SAAJ api ¿¡ ¼­ºñ½º °ÅºÎ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- SIB message ¿£Áø¿¡ ¼­ºñ½º °ÅºÎ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- ÀνºÅç·¯¿¡¼­ »ý¼ºÇÏ´Â ÀÓ½ÃÆÄÀÏÀÇ ±ÇÇÑÀÌ '777' ÀÌ´Ù.
- IVT ¾îÇø®ÄÉÀ̼ǿ¡ ¼­ºñ½º °ÅºÎ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- »ç¿ëÀÚ°¡ ·Î±×¾Æ¿ô Çصµ ij½¬¿¡ ÀúÀåµÈ ÀÚ°ÝÁõ¸íÀÌ »èÁ¦µÇÁö ¾Ê´Â´Ù.
- trace ¿äûÀÌ Á¦´ë·Î 󸮵ÇÁö ¾Ê´Â Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- 'org.apache.jasper.runtime.JspWriterImpl.response' ¿¡ memory leak Ãë¾àÁ¡ÀÌ Á¸ÀçÇÏ¿© ¼­ºñ½º °ÅºÎ¿¡ ºüÁú ¼ö ÀÖ´Ù.
- SIP proxy ¿¡¼­ UDP ¸Þ½ÃÁö¸¦ ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ¿¡ ºüÁú ¼ö ÀÖ´Ù.
- ƯÁ¤ ÄÁÆ®·Ñ ¼­ºí¸´¿¡ À߸øµÈ Á¢±ÙÀÌ Çã¿ë µÇ´Â Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- J2EE 1.4 ¾îÇø®ÄÉÀ̼ǿ¡¼­ À߸øµÈ º¸¾È ¸ÅÇÎÀÌ ¹ß»ý ÇÒ ¼ö ÀÖ´Ù.
- °ü¸®ÀÚ ¸â¹ö°¡ °ü¸® ÄܼÖÀ» ÅëÇÏ¿© primary °ü¸®ÀÚÀÇ ID ¸¦ º¯°æÇÒ ¼ö ÀÖ´Ù.

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç À¥ ¼­¹öÀÇ ¹è³Ê Á¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼­ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://www-01.ibm.com/support/docview.wss?uid=swg1PM17170
http://www-01.ibm.com/support/docview.wss?uid=swg1PM18644
http://www-1.ibm.com/support/docview.wss?uid=swg1PM19500
http://www-01.ibm.com/support/docview.wss?uid=swg1PM19534
http://www-1.ibm.com/support/docview.wss?uid=swg1PM19834
http://www-1.ibm.com/support/docview.wss?uid=swg1PM24668
http://www-1.ibm.com/support/docview.wss?uid=swg1PM21536
http://www-01.ibm.com/support/docview.wss?uid=swg1PM23115
http://www-1.ibm.com/support/docview.wss?uid=swg1PK88606
http://www-01.ibm.com/support/docview.wss?uid=swg27014463#70015

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
IBM WebSphere Application Server 7.0.0.15 ÀÌÀüÀÇ 7.0 ¹öÀüµé
ÇØ°áÃ¥ 'IBM Support & downloads' À¥ »çÀÌÆ®ÀÎ http://www-01.ibm.com/support/docview.wss?uid=swg27014463#70015 ¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â IBM WebSphere Application ¼­¹öÀÇ °¡Àå ÃֽŠ¹öÀü 7.0 (Fix Pack 15 for 7.0 (7.0.0.15) ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
°ü·Ã URL CVE-2011-0315,CVE-2011-0316,CVE-2011-1307,CVE-2011-1308,CVE-2011-1309,CVE-2011-1310,CVE-2011-1311,CVE-2011-1312,CVE-2011-1313,CVE-2011-1314 (CVE)
°ü·Ã URL 46736 (SecurityFocus)
°ü·Ã URL (ISS)