Vulnerability Bulletins |
Revelación de código fuente de páginas JSP en Sun Java System Application Server 7 |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Aumento de la visibilidad |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Comercial Software |
| Affected software |
Sun Java System Application Server 7 Standard Edition <= Update 6 Sun Java System Application Server 7 Platform Edition <= Update 6 Sun Java System Application Server 7 2004Q2 Standard Edition <= Update 2 Sun Java System Application Server 7 2004Q2 Enterprise Edition <= Update 2 |
Description |
|
|
Se ha descubierto una vulnerabilidad en varias versiones de Sun Java System Application Server 7. La vulnerabilidad reside en un error no especificado. Un atacante remoto podría visualizar el código fuente de páginas Java Server Pages. |
|
Solution |
|
|
Actualización de software Sun Sun Java System Application Server 7 Standard Edition / Update 7 http://www.sun.com/download/products.xml?id=42ae317c Sun Java System Application Server Platform Edition 7 / Solaris 9 OE / Update 7 http://www.sun.com/download/products.xml?id=42ae317a Sun Java System Application Server 7 2004Q2 Standard Edition / Update 3 http://www.sun.com/download/products.xml?id=427fe06d Sun Java System Application Server 7 2004Q2 Enterprise Edition / Update 3 https://osc-amer.sun.com/OSCSW/svcportal?pageName=clselection |
|
Standar resources |
|
| Property | Value |
| CVE | |
| BID | |
Other resources |
|
|
Sun Alert Notification (101910) http://sunsolve.sun.com/search/document.do?assetkey=1-26-101910-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2005-11-02 |