|
Abstract |
A possible security exposure has been identified in IBM®
WebSphere® Application Server Version 4.0.5 where, under certain
circumstances, raw JavaServer Page™ (JSP™) source contents could
potentially be served to the browsers. |
|
Content |
IBM has identified a potential security exposure in IBM
WebSphere Application Server where a maliciously formatted http request
for a JSP resource can cause the application server to serve the raw JSP
source content to the browser.
Versions Affected
IBM WebSphere Application Server Version 4.0.5 users of JSPs with the file
serving feature enabled.
Solution
A fix is available for IBM WebSphere Application Server Version 4.0.5 in
APAR PQ76082.
To download this APAR fix:
- Go to http://www.ibm.com/software/webservers/appserv/was/support/
- Search for PQ76082:
The download package link is located inside the APAR PQ76082
document.
IBM interim fixes and fix packs for the IBM WebSphere Application Server
Product are available at this Support site. |
|
|
|
|
|
|