Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via βURIs with special characters.β
secunia.com/advisories/20732
secunia.com/advisories/24478
www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876
www-1.ibm.com/support/docview.wss?uid=swg21243541
www.securityfocus.com/bid/18578
www.securityfocus.com/bid/22991
www.vupen.com/english/advisories/2006/2482
www.vupen.com/english/advisories/2007/0970