Vulnerability Description
Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 5.0 |
References
- http://secunia.com/advisories/14274PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg24008814PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg24008815PatchVendor Advisory
- http://secunia.com/advisories/14274PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg24008814PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg24008815PatchVendor Advisory
FAQ
What is CVE-2005-0425?
CVE-2005-0425 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL th...
How severe is CVE-2005-0425?
CVE-2005-0425 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0425?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.