Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-0425
CVE-2005-0425
Description
Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine.
Affected products
4cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*
- (no CPE)range: 5.0, 5.1, 6.0
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/14274nvdPatchVendor Advisory
- www-1.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-1.ibm.com/support/docview.wssnvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.