CVE-2006-3231

Sažetak

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."

Reference

http://secunia.com/advisories/20732
http://secunia.com/advisories/24478
http://www.securityfocus.com/bid/18578
http://www.securityfocus.com/bid/22991
http://www.vupen.com/english/advisories/2006/2482
http://www.vupen.com/english/advisories/2007/0970
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?uid=swg21243541

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

09-10-2019 - 22:50

Objavljeno

27-06-2006 - 10:05