--- Vulnerability Key Information Vulnerability Name: PM15829: SHIP APAR FIXES FOR H28W700 FIX PACK 7.0.0.11 Affected Users: All users of WebSphere Application Server V7.0 for z/OS Fix Status: Fixed Issue Description: This APAR fixes multiple defects in WebSphere Application Server V7.0 for z/OS, including but not limited to: - PM07569: If content exists in the body of a GET request, the plugin does not send data to WebSphere Application Server. - PM07580: Web server crashes or returns incorrect responses. - PM08173: SSLHandshakeException thrown when attempting to set a specific SSL alias saved to a standalone LDAP repository. - PM08939: Contains CVE-2010-0434 and CVE-2010-0408 vulnerabilities. - PM08957: NotSerializableException error occurs when running JAX-RPC applications with CookieValueList objects. - PM09215: WSWS3227E error occurs when running JAX-RPC applications migrated from WebSphere Application Server v5.1. - PM09250: Potential link injection vulnerability exists. Solution: Fixed component name: WebSphere for z; Fixed component ID: 565513500; Applicable component version: R700 PSY UK57728 and UP10/06/17 P F006. APAR Information: - APAR Number: PM15829 - Reported Component Name: WebSphere for z - Reported Component ID: 565513500 - Reported Version: 700 - Status: Fixed (closed due to programming error) - HIper: No - Special Attention: None - Submitted Date: 2010-06-02 - Closed Date: 2010-06-07 - Last Modified Date: 2011-02-24 Fix Acquisition: The fix program is available. Users should select the appropriate PTF based on their component level and register to obtain it. Physical media distribution is unavailable in all countries. Related Modules/Macros: The listed extensive modules/macros cover a broad range of WebSphere for z functionalities, ensuring the fix applies across the entire affected application scope. --- This information provides detailed guidance for users to understand the nature, scope of impact, and steps to obtain the fix, ensuring system security and stability.