IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Websphere_application_server | Ibm | 5.0.2.5 (including) | 5.0.2.5 (including) |
| Websphere_application_server | Ibm | 5.0.2.6 (including) | 5.0.2.6 (including) |
| Websphere_application_server | Ibm | 5.0.2.7 (including) | 5.0.2.7 (including) |
| Websphere_application_server | Ibm | 5.0.2.8 (including) | 5.0.2.8 (including) |
| Websphere_application_server | Ibm | 5.0.2.9 (including) | 5.0.2.9 (including) |
| Websphere_application_server | Ibm | 5.1.0 (including) | 5.1.0 (including) |
| Websphere_application_server | Ibm | 5.1.0.2 (including) | 5.1.0.2 (including) |
| Websphere_application_server | Ibm | 5.1.0.3 (including) | 5.1.0.3 (including) |
| Websphere_application_server | Ibm | 5.1.0.4 (including) | 5.1.0.4 (including) |
| Websphere_application_server | Ibm | 5.1.0.5 (including) | 5.1.0.5 (including) |
| Websphere_application_server | Ibm | 5.1.1 (including) | 5.1.1 (including) |
| Websphere_application_server | Ibm | 5.1.1.2 (including) | 5.1.1.2 (including) |
| Websphere_application_server | Ibm | 5.1.1.3 (including) | 5.1.1.3 (including) |
References
- http://secunia.com/advisories/24478
- http://www-1.ibm.com/support/docview.wss?uid=swg21243541
- http://www-1.ibm.com/support/docview.wss?uid=swg24008814
- http://www-1.ibm.com/support/docview.wss?uid=swg24013840
- http://www.securityfocus.com/bid/22991
- http://www.vupen.com/english/advisories/2007/0970
- http://secunia.com/advisories/24478
- http://www-1.ibm.com/support/docview.wss?uid=swg21243541
- http://www-1.ibm.com/support/docview.wss?uid=swg24008814
- http://www-1.ibm.com/support/docview.wss?uid=swg24013840
- http://www.securityfocus.com/bid/22991
- http://www.vupen.com/english/advisories/2007/0970