Lucene search

[email protected]CVE-2002-1030

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-1030

2002-10-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-1030

race condition

performance pack

bea weblogic server

denial of service

remote attackers

nvd

7.4 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq5.1
bea:weblogic_serverbea weblogic servereq6.1
bea:weblogic_serverbea weblogic servereq6.0
bea:weblogic_serverbea weblogic servereq7.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	5.1
bea:weblogic_server	bea weblogic server	eq	6.1
bea:weblogic_server	bea weblogic server	eq	6.0
bea:weblogic_server	bea weblogic server	eq	7.0

References

archives.neohapsis.com/archives/vulnwatch/2002-q3/0008.html

dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=components%2Fdev2dev%2Fresourcelibrary%2Fadvisoriesnotifications%2Fadvisory_BEA02-19.htm

online.securityfocus.com/archive/1/281046

www.iss.net/security_center/static/9486.php

www.securityfocus.com/bid/5159

7.4 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON