Low severity3.1NVD Advisory· Published Sep 1, 2016· Updated Jun 17, 2026
CVE-2016-0385
CVE-2016-0385
Description
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
68cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*+ 67 more
- cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.29:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.32:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.34:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.35:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.36:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.37:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.38:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.39:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.41:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:-:liberty_profile:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:*
- (no CPE)range: 7.0 < 7.0.0.43, 8.0 < 8.0.0.13, 8.5 < 8.5.5.10, 9.0 < 9.0.0.1, Liberty < 16.0.0.3
Patches
Vulnerability mechanics
References
4- www-01.ibm.com/support/docview.wssnvdMitigationPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvdNot Applicable
- www.securityfocus.com/bid/92505nvd
- www.securitytracker.com/id/1036654nvd
News mentions
0No linked articles in our index yet.