IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request.Referenceshttp://www.securityfocus.com/bid/96114http://www.ibm.com/support/docview.wss?uid=swg21995436
