|Date: (C)2010-05-17 (M)2017-08-18|| |
The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 22.214.171.124, 6.1 before 126.96.36.199, and 7.0 before 188.8.131.52 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file.
|CVSS Score: 2.6||Access Vector: NETWORK|
|Exploit Score: 4.9||Access Complexity: HIGH|
|Impact Score: 2.9||Authentication: NONE|
| ||Confidentiality: PARTIAL|
| ||Integrity: NONE|
| ||Availability: NONE|