Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter.
osvdb.org/49767
secunia.com/advisories/32606
sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1
www.procheckup.com/Vulnerability_PR08-09.php
www.securityfocus.com/archive/1/498487/100/0/threaded
www.securityfocus.com/bid/32262
www.securitytracker.com/id?1021170
www.vupen.com/english/advisories/2008/3128
exchange.xforce.ibmcloud.com/vulnerabilities/46554