Multiple Vendor JSP Source Code Disclosure Vulnerability

Solution:
Unify has released eWave ServletExec version 3.0c which is not vulnerable to this issue.

BEA Systems Weblogic: A vendor supplied patch for version 3.1.8 is available at : ftp://ftpna.beasys.com/pub/releases/318/caseSensitiveNTFix318.zip

IBM WebSphere Application Server: IBM has released a fix which will eliminate this exploit and is available at :
http://www6.software.ibm.com/dl/websphere8/wscorsvc-p



 

Privacy Statement
Copyright 2010, SecurityFocus