4.3

CVE-2006-3231

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Application Server Version3.0.2.1
IbmWebsphere Application Server Version3.0.2.2
IbmWebsphere Application Server Version3.0.2.3
IbmWebsphere Application Server Version3.0.2.4
IbmWebsphere Application Server Version5.0.2.1
IbmWebsphere Application Server Version5.0.2.2
IbmWebsphere Application Server Version5.0.2.3
IbmWebsphere Application Server Version5.0.2.4
IbmWebsphere Application Server Version5.0.2.5
IbmWebsphere Application Server Version5.0.2.6
IbmWebsphere Application Server Version5.0.2.7
IbmWebsphere Application Server Version5.0.2.8
IbmWebsphere Application Server Version5.0.2.9
IbmWebsphere Application Server Version5.0.2.10
IbmWebsphere Application Server Version5.0.2.11
IbmWebsphere Application Server Version5.0.2.12
IbmWebsphere Application Server Version5.0.2.13
IbmWebsphere Application Server Version5.0.2.14
IbmWebsphere Application Server Version5.0.2.15
IbmWebsphere Application Server Version5.0.2.16
IbmWebsphere Application Server Version5.1.0.2
IbmWebsphere Application Server Version5.1.0.4
IbmWebsphere Application Server Version5.1.0.5
IbmWebsphere Application Server Version5.1.1.1
IbmWebsphere Application Server Version5.1.1.2
IbmWebsphere Application Server Version5.1.1.3
IbmWebsphere Application Server Version5.1.1.4
IbmWebsphere Application Server Version5.1.1.5
IbmWebsphere Application Server Version5.1.1.6
IbmWebsphere Application Server Version5.1.1.7
IbmWebsphere Application Server Version5.1.1.8
IbmWebsphere Application Server Version5.1.1.9
IbmWebsphere Application Server Version5.1.1.10
IbmWebsphere Application Server Version6.0.2.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.08% 0.791
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/24478
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg21243541
http://www.securityfocus.com/bid/22991
http://www.vupen.com/english/advisories/2007/0970
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://secunia.com/advisories/20732
Patch
Vendor Advisory
http://www.securityfocus.com/bid/18578
http://www.vupen.com/english/advisories/2006/2482
Vendor Advisory