IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-08-18T19:55:00

Updated: 2024-08-07T18:57:46.432Z

Reserved: 2006-08-18T00:00:00

Link: CVE-2006-4223

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-08-18T20:04:00.000

Modified: 2024-11-21T00:15:25.810

Link: CVE-2006-4223

cve-icon Redhat

No data.