Lucene search

[email protected]CVE-2005-1747

HistoryMay 24, 2005 - 4:00 a.m.

CVE-2005-1747

2005-05-2404:00:00

[email protected]

web.nvd.nist.gov

cve

2005

1747

cross-site scripting

xss

bea

weblogic server

express

security vulnerability

remote attack

web script

html

administrative privilege

8.4 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.96 High

EPSS

Percentile

99.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to the error page in the Administration Console, (4) unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or (5) an alternate vector in the Server Console that does not require an active session but also leaks the username and password.

Affected configurations

NVD

Node

beaweblogic_serverMatch6.0

beaweblogic_serverMatch6.0express

beaweblogic_serverMatch6.0win32

beaweblogic_serverMatch6.0sp1

beaweblogic_serverMatch6.0sp1express

beaweblogic_serverMatch6.0sp1win32

beaweblogic_serverMatch6.0sp2

beaweblogic_serverMatch6.0sp2express

beaweblogic_serverMatch6.0sp2win32

beaweblogic_serverMatch6.1

beaweblogic_serverMatch6.1express

beaweblogic_serverMatch6.1win32

beaweblogic_serverMatch6.1sp1

beaweblogic_serverMatch6.1sp1express

beaweblogic_serverMatch6.1sp1win32

beaweblogic_serverMatch6.1sp2

beaweblogic_serverMatch6.1sp2express

beaweblogic_serverMatch6.1sp2win32

beaweblogic_serverMatch6.1sp3

beaweblogic_serverMatch6.1sp3express

beaweblogic_serverMatch6.1sp3win32

beaweblogic_serverMatch6.1sp4

beaweblogic_serverMatch6.1sp4express

beaweblogic_serverMatch6.1sp4win32

beaweblogic_serverMatch6.1sp5

beaweblogic_serverMatch6.1sp5express

beaweblogic_serverMatch6.1sp5win32

beaweblogic_serverMatch6.1sp6

beaweblogic_serverMatch6.1sp6win32

beaweblogic_serverMatch7.0

beaweblogic_serverMatch7.0express

beaweblogic_serverMatch7.0win32

beaweblogic_serverMatch7.0sp1

beaweblogic_serverMatch7.0sp1express

beaweblogic_serverMatch7.0sp1win32

beaweblogic_serverMatch7.0sp2

beaweblogic_serverMatch7.0sp2express

beaweblogic_serverMatch7.0sp2win32

beaweblogic_serverMatch7.0sp3

beaweblogic_serverMatch7.0sp3express

beaweblogic_serverMatch7.0sp3win32

beaweblogic_serverMatch7.0sp4

beaweblogic_serverMatch7.0sp4express

beaweblogic_serverMatch7.0sp4win32

beaweblogic_serverMatch7.0sp5

beaweblogic_serverMatch7.0sp5express

beaweblogic_serverMatch7.0sp5win32

beaweblogic_serverMatch7.0.0.1

beaweblogic_serverMatch7.0.0.1express

beaweblogic_serverMatch7.0.0.1win32

beaweblogic_serverMatch7.0.0.1sp1

beaweblogic_serverMatch7.0.0.1sp1express

beaweblogic_serverMatch7.0.0.1sp1win32

beaweblogic_serverMatch7.0.0.1sp2

beaweblogic_serverMatch7.0.0.1sp2express

beaweblogic_serverMatch7.0.0.1sp2win32

beaweblogic_serverMatch7.0.0.1sp3

beaweblogic_serverMatch7.0.0.1sp3express

beaweblogic_serverMatch7.0.0.1sp4

beaweblogic_serverMatch7.0.0.1sp4express

beaweblogic_serverMatch8.1

beaweblogic_serverMatch8.1express

beaweblogic_serverMatch8.1win32

beaweblogic_serverMatch8.1sp1

beaweblogic_serverMatch8.1sp1express

beaweblogic_serverMatch8.1sp1win32

beaweblogic_serverMatch8.1sp2

beaweblogic_serverMatch8.1sp2express

beaweblogic_serverMatch8.1sp2win32

beaweblogic_serverMatch8.1sp3

beaweblogic_serverMatch8.1sp3express

beaweblogic_serverMatch8.1sp3win32

beaweblogic_serverMatch8.1sp4

beaweblogic_serverMatch8.1sp4express

beaweblogic_serverMatch8.1sp4win32

oracleweblogic_portalMatch8.0

CPENameOperatorVersion
bea:weblogic_serverbea weblogic servereq6.0
bea:weblogic_serverbea weblogic servereq6.1
bea:weblogic_serverbea weblogic servereq7.0
bea:weblogic_serverbea weblogic servereq7.0.0.1
bea:weblogic_serverbea weblogic servereq8.1
oracle:weblogic_portaloracle weblogic portaleq8.0

CPE	Name	Operator	Version
bea:weblogic_server	bea weblogic server	eq	6.0
bea:weblogic_server	bea weblogic server	eq	6.1
bea:weblogic_server	bea weblogic server	eq	7.0
bea:weblogic_server	bea weblogic server	eq	7.0.0.1
bea:weblogic_server	bea weblogic server	eq	8.1
oracle:weblogic_portal	oracle weblogic portal	eq	8.0

References

dev2dev.bea.com/pub/advisory/130

marc.info/?l=bugtraq&m=111695844803328&w=2

marc.info/?l=bugtraq&m=111695921212456&w=2

marc.info/?l=bugtraq&m=111722298705561&w=2

marc.info/?l=bugtraq&m=111722380313416&w=2

secunia.com/advisories/15486

securitytracker.com/id?1014049

www.acrossecurity.com/aspr/ASPR-2005-05-24-1-PUB.txt

www.acrossecurity.com/aspr/ASPR-2005-05-24-2-PUB.txt

www.appsecinc.com/resources/alerts/general/BEA-001.html

www.appsecinc.com/resources/alerts/general/BEA-002.html

www.securityfocus.com/bid/13717

www.vupen.com/english/advisories/2005/0607

8.4 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.96 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2005-1747

checkpoint_advisories1 nvd1 cvelist1 nessus1