CVE-2006-3921

N/A Unknown

Published: July 28, 2006 Modified: April 16, 2026

Description

Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/21251

Source: cve@mitre.org

http://secunia.com/advisories/22425

Source: cve@mitre.org

http://securitytracker.com/id?1016596

Source: cve@mitre.org

Patch

http://securitytracker.com/id?1016597

Source: cve@mitre.org

Patch

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102521-1

Source: cve@mitre.org

Patch

http://support.avaya.com/elmodocs2/security/ASA-2006-204.htm

Source: cve@mitre.org

http://www.securityfocus.com/bid/19200

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2006/3020

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28061

Source: cve@mitre.org

http://secunia.com/advisories/21251