CVE-2010-0777
CVE-2010-0777
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://secunia.com/advisories/39838https://exchange.xforce.ibmcloud.com/vulnerabilities/58557http://www-01.ibm.com/support/docview.wss?uid=swg1PM06111http://www-01.ibm.com/support/docview.wss?uid=swg27007951http://www.securityfocus.com/bid/40277http://www.vupen.com/english/advisories/2010/1200