IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names.Referenceshttp://www.ibm.com/support/docview.wss?uid=swg21995348http://www.securityfocus.com/bid/96124
