Back to search
CVE-2005-4833
Published: Mar 20, 2007
Modified: Aug 8, 2024
PUBLISHED
Description
IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2007-0970
vdb-entry
x_refsource_VUPEN
24478
third-party-advisory
x_refsource_SECUNIA
http://www-1.ibm.com/support/docview.wss?uid=swg21243541
x_refsource_CONFIRM
34177
vdb-entry
x_refsource_OSVDB
22991
vdb-entry
x_refsource_BID
PK00091
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now