CVE-2006-7164 Information

Description

SimpleFileServlet in IBM WebSphere Application Server 5.0.1 through 5.0.2.7 on Linux and UNIX does not block certain invalid URIs and does not issue a security challenge which allows remote attackers to read secure files and obtain sensitive information via certain requests.

Reference

http://www-1.ibm.com/support/docview.wss?uid=swg24013029