Page 12 of 72 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 34EXPL: 0

IBM WebSphere Application Server (WAS) 5.1.1.9 and earlier allows remote attackers to obtain JSP source code and other sensitive information via "a specific JSP URL." IBM WebSphere Application Server (WAS) 5.1.1.9 y anteriores permiten a atacantes remotos obtener el código fuente JSP y otra información sensible mediante ciertas "URIs especiales". • http://secunia.com/advisories/24478 http://www-1.ibm.com/support/docview.wss?uid=swg21243541 http://www-1.ibm.com/support/docview.wss?uid=swg24011720 http://www.securityfocus.com/bid/22991 http://www.vupen.com/english/advisories/2007/0970 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360. Vulnerabilidad no especificada en IBM WebSphere Application Server anterior a 6.1.0.2 tiene impacto y vectores de ataque no especificados, relacionado con una "posible exposición de seguridad", también conocido como PK29360. • http://secunia.com/advisories/22372 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/search.wss?rs=0&q=PK29360&apar=only http://www.vupen.com/english/advisories/2006/4000 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374. El componente de seguridad Web Services Notification (WSN) de IBM WebSphere Application Server anterior a 6.1.0.2 permite a atacantes obtener acceso no especificado sin suministrar nombre de usuario y contraseña, también conocido como PK28374. • http://secunia.com/advisories/22372 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/search.wss?rs=0&q=PK28374&apar=only http://www.vupen.com/english/advisories/2006/4000 •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain sensitive information via unspecified vectors related to "JSP source code exposure" (PK23475), which occurs when ibm-web-ext.xmi sets fileServingEnabled to true or ExtendedDocumentRoot is used to place a JSP outside a WAR.file; (3) the First Failure Data Capture (ffdc) log file (PK24834); and (4) traces (PK25568), a different issue than CVE-2006-4137. IBM WebSphere Application Server anterior a 6.0.2.13 permiet a atacantes locales o remotos (dependiendo del contexto) obtener información sensible a través de vectores no especificados relacionados con (1) "exposición de código fuente JSTP" (PK23475), (2) el archivo de registro de la Captura de Datos del Primer Fallo (First Failure Data Capture)(ffdc)(PK24834), y (3) trazas (PK25568), un problema distinto de CVE-2006-4137. • http://secunia.com/advisories/21487 http://secunia.com/advisories/24478 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876#60213 http://www-1.ibm.com/support/docview.wss?uid=swg21243541 http://www-1.ibm.com/support/docview.wss?uid=swg24013827 http://www.securityfocus.com/bid/22991 http://www.vupen.com/english/advisories/2006/3281 http://www.vupen.com/english/advisories/2007/0970 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspecified vectors and impact, including (1) an "authority problem" in ThreadIdentitySupport as identified by PK25199, and "Potential security exposure" issues as identified by (2) PK22747, (3) PK24334, (4) PK25740, and (5) PK26123. Múltiples vulnerabilidades no especificadas en el servidor de aplicaciones IBM WebSphere Application Server anterior a 6.0.2.13 tienen vectores e impacto no especificados, incluyendo (1) un "problema de autoridad" en ThreadIdentitySupport como se ha identificado en PK25199, y "Potenciales problemas de exposición de seguridad" como identifican (2) PK22747, (3) PK24334, (4) PK25740, y (5) PK26123. • http://secunia.com/advisories/21487 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876#60213 http://www.vupen.com/english/advisories/2006/3281 •