PK23670; 5.1.1.9: JSP source code exposure
 Downloadable files
 
Abstract
Source code of a JSP might be displayed for some special URIs.
 
Download Description
PK23670 resolves the following problem:

ERROR DESCRIPTION
There is a possibility to expose JSP source code under certain conditions.

LOCAL FIX
None

PROBLEM SUMMARY

USERS AFFECTED
WebSphere Application Server users of version 5.1.

PROBLEM DESCRIPTION
Source code of a JSP might be displayed for some special URIs.

RECOMMENDATION
None

Source code for a JSP files might be displayed.

PROBLEM CONCLUSION
A specific JSP URL might expose JSP source code rather than the JSP page. With this fix, it will show an error.

The fix for this APAR is currently targeted for inclusion in cumulative fix 5.1.1.11. Please refer to the recommended updates page for delivery information:
General/swg27004980.html
 
Prerequisites
Please download the UpdateInstaller below to install this fix.
 
URL LANGUAGE SIZE(Bytes)
UpdateInstaller US English 7250000
 
 
Installation Instructions
Please review the readme.txt for detailed installation instructions.
 
URL LANGUAGE SIZE(Bytes)
Readme US English 4610
 
Download package
What is DD?
Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
PK23670_500 08-03-2006 US English 6549 FTP DD
PK23670_510_5105 08-03-2006 US English 7582 FTP DD
PK23670_511_5114 08-03-2006 US English 7699 FTP DD
PK23670_5115_51110 08-03-2006 US English 7864 FTP DD
 
Technical support
Contact IBM Support using ESR (http://www-306.ibm.com/software/support/probsub.html), visit the WebSphere Application Server Support Web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
Problems (APARS) fixed
PK23670
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Servlet Engine/Web Container
Operating system(s): Windows
Software version: 5.1.1.10
Software edition:
Reference #: 4013032
IBM Group: Software Group
Modified date: Aug 7, 2006