[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3231Date: (C)2006-06-27   (M)2023-12-22


Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
BID-18578
SECUNIA-20732
BID-22991
SECUNIA-24478
ADV-2006-2482
ADV-2007-0970
PK22928
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?uid=swg21243541

CPE    50
cpe:/a:ibm:websphere_application_server:5.1.1.10
cpe:/a:ibm:websphere_application_server:3.0.2.3
cpe:/a:ibm:websphere_application_server:3.0.2.4
cpe:/a:ibm:websphere_application_server:5.0.2
...

© SecPod Technologies