2 matches found
CVE-2006-2466
BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 are affected by the JSP showcode vulnerability. Under certain timing-window conditions during a JSP compilation error, remote attackers can obtain the JSP source code, exposing partial confidentiality. The available documents do not specify a re...
CVE-2006-2466
BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."...