Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3231

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3231
Last Modified 09 May 2011 12:00:00
Published 27 Jun 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3231

Summary

Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters."

Vulnerable Systems

Application

  • Ibm Websphere Application Server 2.0

  • Ibm Websphere Application Server 3.0

  • Ibm Websphere Application Server 3.0.2

  • Ibm Websphere Application Server 3.0.2.1

  • Ibm Websphere Application Server 3.0.2.2

  • Ibm Websphere Application Server 3.0.2.3

  • Ibm Websphere Application Server 3.0.2.4

  • Ibm Websphere Application Server 3.5

  • Ibm Websphere Application Server 3.5.1

  • Ibm Websphere Application Server 3.5.2

  • Ibm Websphere Application Server 3.5.3

  • Ibm Websphere Application Server 4.0.3

  • Ibm Websphere Application Server 4.0.4

  • Ibm Websphere Application Server 5.0

  • Ibm Websphere Application Server 5.0.1

  • Ibm Websphere Application Server 5.0.2

  • Ibm Websphere Application Server 5.0.2.1

  • Ibm Websphere Application Server 5.0.2.10

  • Ibm Websphere Application Server 5.0.2.11

  • Ibm Websphere Application Server 5.0.2.12

  • Ibm Websphere Application Server 5.0.2.13

  • Ibm Websphere Application Server 5.0.2.14

  • Ibm Websphere Application Server 5.0.2.15

  • Ibm Websphere Application Server 5.0.2.16

  • Ibm Websphere Application Server 5.0.2.2

  • Ibm Websphere Application Server 5.0.2.3

  • Ibm Websphere Application Server 5.0.2.4

  • Ibm Websphere Application Server 5.0.2.5

  • Ibm Websphere Application Server 5.0.2.6

  • Ibm Websphere Application Server 5.0.2.7

  • Ibm Websphere Application Server 5.0.2.8

  • Ibm Websphere Application Server 5.0.2.9

  • Ibm Websphere Application Server 5.1.0

  • Ibm Websphere Application Server 5.1.0.2

  • Ibm Websphere Application Server 5.1.0.4

  • Ibm Websphere Application Server 5.1.0.5

  • Ibm Websphere Application Server 5.1.1

  • Ibm Websphere Application Server 5.1.1.1

  • Ibm Websphere Application Server 5.1.1.10

  • Ibm Websphere Application Server 5.1.1.2

  • Ibm Websphere Application Server 5.1.1.3

  • Ibm Websphere Application Server 5.1.1.4

  • Ibm Websphere Application Server 5.1.1.5

  • Ibm Websphere Application Server 5.1.1.6

  • Ibm Websphere Application Server 5.1.1.7

  • Ibm Websphere Application Server 5.1.1.8

  • Ibm Websphere Application Server 5.1.1.9

  • Ibm Websphere Application Server 6.0

  • Ibm Websphere Application Server 6.0.2

  • Ibm Websphere Application Server 6.0.2.9


References

SECUNIA - 20732

VUPEN - ADV-2007-0970

VUPEN - ADV-2006-2482

BID - 22991

BID - 18578

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21243541

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876

SECUNIA - 24478

AIXAPAR - PK22928


Last Updated: 27 May 2016 10:44:52