Vulnerabilities > CVE-2006-2466 - Unspecified vulnerability in BEA Weblogic Server 7.0/8.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
References
- http://dev2dev.bea.com/pub/advisory/192
- http://dev2dev.bea.com/pub/advisory/192
- http://secunia.com/advisories/20130
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016100
- http://securitytracker.com/id?1016100
- http://www.vupen.com/english/advisories/2006/1828
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26461