CVE-2006-4223 in WebSphere Application Server
요약 (영어)
IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
예약하다
2006. 08. 18.
공개
2006. 08. 18.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 2606 | IBM WebSphere Application Server 정보 공개 | 200 | 개념 증명 | 공식 수정 | CVE-2006-4223 |
| 2605 | IBM WebSphere Application Server WSN Authentication 정보 공개 | 200 | 개념 증명 | 공식 수정 | CVE-2006-4223 |