IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-08-18T19:55:00
Updated: 2024-08-07T18:57:46.432Z
Reserved: 2006-08-18T00:00:00
Link: CVE-2006-4223
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-08-18T20:04:00.000
Modified: 2024-11-21T00:15:25.810
Link: CVE-2006-4223
Redhat
No data.