CVE-2006-3921 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-3921
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3921

Description: Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28061 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102521-1 ST 1016596 1016597 SAID Secunia Advisory: SA21251 Secunia Advisory: SA22425 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-204.htm BID 19200

Return to the previous page.