----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
SUSE update for websphere-as_ce

SECUNIA ADVISORY ID:
SA33978

VERIFY ADVISORY:
http://secunia.com/advisories/33978/

DESCRIPTION:
SUSE has issued an update for websphere-as_ce. This fixes some
security issues and vulnerabilities, which can be exploited by
malicious, local users to bypass certain security restrictions,
malicious users to disclose potentially sensitive information, and by
malicious people to disclose potentially sensitive information,
manipulate certain data, bypass certain security restrictions,
conduct cross-site scripting and HTTP response splitting attacks,
potentially hijack a user's session, and cause a DoS (Denial of
Service).

For more information:
SA23641
SA25678
SA26466
SA26465
SA27398
SA27925
SA28274
SA28834
SA28878
SA30500
SA31381

SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server.

ORIGINAL ADVISORY:
SUSE-SR:2009:004:
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

OTHER REFERENCES:
SA23641:
http://secunia.com/advisories/23641/

SA25678:
http://secunia.com/advisories/25678/

SA26466:
http://secunia.com/advisories/26466/

SA26465:
http://secunia.com/advisories/26465/

SA27398:
http://secunia.com/advisories/27398/

SA27925:
http://secunia.com/advisories/27925/

SA28274:
http://secunia.com/advisories/28274/

SA28834:
http://secunia.com/advisories/28834/

SA28878:
http://secunia.com/advisories/28878/

SA30500:
http://secunia.com/advisories/30500/

SA31381:
http://secunia.com/advisories/31381/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------