CVE-2006-3231

Опубликовано: 27 июн. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."

Ссылки

http://secunia.com/advisories/20732
Patch
Vendor Advisory
http://secunia.com/advisories/24478
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?uid=swg21243541
http://www.securityfocus.com/bid/18578
http://www.securityfocus.com/bid/22991
http://www.vupen.com/english/advisories/2006/2482
Vendor Advisory
http://www.vupen.com/english/advisories/2007/0970
Vendor Advisory
http://secunia.com/advisories/20732
Patch
Vendor Advisory
http://secunia.com/advisories/24478
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
http://www-1.ibm.com/support/docview.wss?uid=swg21243541
http://www.securityfocus.com/bid/18578
http://www.securityfocus.com/bid/22991
http://www.vupen.com/english/advisories/2006/2482
Vendor Advisory
http://www.vupen.com/english/advisories/2007/0970
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_application_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:3.5.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.14:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.0.2.16:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00842

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-hhmc-pjhr-jvpx

github

почти 4 года назад