CVE-2005-4833

2007-03-2010:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

High

EPSS

0.014

Percentile

86.3%

JSON

IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via “a specific JSP URL,” related to lack of normalization of the URL format.

References

osvdb.org/34177

secunia.com/advisories/24478

www-1.ibm.com/support/docview.wss?uid=swg21243541

www-1.ibm.com/support/docview.wss?uid=swg24008815

www.securityfocus.com/bid/22991

www.vupen.com/english/advisories/2007/0970