Vulnerabilities > CVE-2006-3231 - Multiple vulnerability in IBM Websphere Application Server Prior to 6.0.2.11
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
ibm
Summary
Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."
Vulnerable Configurations
References
- http://secunia.com/advisories/20732
- http://secunia.com/advisories/24478
- http://www.securityfocus.com/bid/18578
- http://www.securityfocus.com/bid/22991
- http://www.vupen.com/english/advisories/2006/2482
- http://www.vupen.com/english/advisories/2007/0970
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
- http://www-1.ibm.com/support/docview.wss?uid=swg21243541