ID CVE-2006-1352
Type cve
Reporter NVD
Modified 2017-07-19T21:30:31
Description
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents.
{"id": "CVE-2006-1352", "bulletinFamily": "NVD", "title": "CVE-2006-1352", "description": "BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents.", "published": "2006-03-21T20:02:00", "modified": "2017-07-19T21:30:31", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1352", "reporter": "NVD", "references": ["http://dev2dev.bea.com/pub/advisory/183", "http://www.securityfocus.com/bid/17167", "http://securitytracker.com/id?1015790", "http://www.vupen.com/english/advisories/2006/1021", "https://exchange.xforce.ibmcloud.com/vulnerabilities/25348"], "cvelist": ["CVE-2006-1352"], "type": "cve", "lastseen": "2017-07-20T10:49:10", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:bea:weblogic_server:8.1:sp1:win32", "cpe:/a:bea:weblogic_server:7.0:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp7:express", "cpe:/a:bea:weblogic_server:8.1:sp2:win32", "cpe:/a:bea:weblogic_server:8.1:sp4:win32", "cpe:/a:bea:weblogic_server:7.0:sp6:express", "cpe:/a:bea:weblogic_server:8.1:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp4:win32", "cpe:/a:bea:weblogic_server:8.1:sp3:win32", "cpe:/a:bea:weblogic_server:6.1:sp5:express", "cpe:/a:bea:weblogic_server:8.1::win32", "cpe:/a:bea:weblogic_server:7.0:sp1:express", "cpe:/a:bea:weblogic_server:7.0:sp1:win32", "cpe:/a:bea:weblogic_server:6.1:sp7:win32", "cpe:/a:bea:weblogic_server:6.1::express", "cpe:/a:bea:weblogic_server:7.0:sp4:express", "cpe:/a:bea:weblogic_server:6.1:sp5:win32", "cpe:/a:bea:weblogic_server:6.1:sp1:win32", "cpe:/a:bea:weblogic_server:6.1:sp3:express", "cpe:/a:bea:weblogic_server:6.1:sp4:express", "cpe:/a:bea:weblogic_server:7.0:sp4:win32", "cpe:/a:bea:weblogic_server:7.0:sp3:win32", "cpe:/a:bea:weblogic_server:8.1:sp4:express", "cpe:/a:bea:weblogic_server:8.1::express", "cpe:/a:bea:weblogic_server:8.1:sp3:express", "cpe:/a:bea:weblogic_server:6.1:sp6:express", "cpe:/a:bea:weblogic_server:6.1::win32", "cpe:/a:bea:weblogic_server:7.0:sp5:win32", "cpe:/a:bea:weblogic_server:6.1:sp1:express", "cpe:/a:bea:weblogic_server:6.1:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp6:win32", "cpe:/a:bea:weblogic_server:6.1:sp2:win32", "cpe:/a:bea:weblogic_server:8.1:sp1:express", "cpe:/a:bea:weblogic_server:7.0:sp5:express", "cpe:/a:bea:weblogic_server:7.0:sp6:win32", "cpe:/a:bea:weblogic_server:7.0:sp3:express"], "cvelist": ["CVE-2006-1352"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents.", "edition": 1, "enchantments": {}, "hash": "89facabdbb28b96e19894eb11ebf30bddc2cdfeab91c610ed1737437f216f677", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "2dfad93411e9f16c6e84b83838a12956", "key": "cpe"}, {"hash": "77ea0b98bd48fb14408c7ba5414e8b94", "key": "modified"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "5f3dd4f2605b081a94741ca9d79d343f", "key": "title"}, {"hash": "fa46d9e122ec058dd2d8599e0891bfc9", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "eaa7b3fcabe1ac830309f40d3e0b9a8a", "key": "published"}, {"hash": "f68d7b70856b1b373c1fe453644e89f9", "key": "href"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "eff64fb7020ce4ac6975ad2ad8b9dc76", "key": "description"}, {"hash": "618b7ead3e9acaaf0cb088251f7e9742", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1352", "id": "CVE-2006-1352", "lastseen": "2016-09-03T06:39:43", "modified": "2011-03-07T21:32:51", "objectVersion": "1.2", "published": "2006-03-21T20:02:00", "references": ["http://dev2dev.bea.com/pub/advisory/183", "http://xforce.iss.net/xforce/xfdb/25348", "http://www.securityfocus.com/bid/17167", "http://securitytracker.com/id?1015790", "http://www.vupen.com/english/advisories/2006/1021"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-1352", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T06:39:43"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "2dfad93411e9f16c6e84b83838a12956"}, {"key": "cvelist", "hash": "618b7ead3e9acaaf0cb088251f7e9742"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "eff64fb7020ce4ac6975ad2ad8b9dc76"}, {"key": "href", "hash": "f68d7b70856b1b373c1fe453644e89f9"}, {"key": "modified", "hash": "2fea2907a64d5da4421e753ad7439104"}, {"key": "published", "hash": "eaa7b3fcabe1ac830309f40d3e0b9a8a"}, {"key": "references", "hash": "8c5744268cd8230cbc84ecc8dca41c9f"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "5f3dd4f2605b081a94741ca9d79d343f"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "c616d3fb6873a4f55e61f5e22c1c232fa716eab13dcff0c82ee2db6c35f44f9b", "viewCount": 0, "enchantments": {"vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:bea:weblogic_server:8.1:sp1:win32", "cpe:/a:bea:weblogic_server:7.0:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp7:express", "cpe:/a:bea:weblogic_server:8.1:sp2:win32", "cpe:/a:bea:weblogic_server:8.1:sp4:win32", "cpe:/a:bea:weblogic_server:7.0:sp6:express", "cpe:/a:bea:weblogic_server:8.1:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp4:win32", "cpe:/a:bea:weblogic_server:8.1:sp3:win32", "cpe:/a:bea:weblogic_server:6.1:sp5:express", "cpe:/a:bea:weblogic_server:8.1::win32", "cpe:/a:bea:weblogic_server:7.0:sp1:express", "cpe:/a:bea:weblogic_server:7.0:sp1:win32", "cpe:/a:bea:weblogic_server:6.1:sp7:win32", "cpe:/a:bea:weblogic_server:6.1::express", "cpe:/a:bea:weblogic_server:7.0:sp4:express", "cpe:/a:bea:weblogic_server:6.1:sp5:win32", "cpe:/a:bea:weblogic_server:6.1:sp1:win32", "cpe:/a:bea:weblogic_server:6.1:sp3:express", "cpe:/a:bea:weblogic_server:6.1:sp4:express", "cpe:/a:bea:weblogic_server:7.0:sp4:win32", "cpe:/a:bea:weblogic_server:7.0:sp3:win32", "cpe:/a:bea:weblogic_server:8.1:sp4:express", "cpe:/a:bea:weblogic_server:8.1::express", "cpe:/a:bea:weblogic_server:8.1:sp3:express", "cpe:/a:bea:weblogic_server:6.1:sp6:express", "cpe:/a:bea:weblogic_server:6.1::win32", "cpe:/a:bea:weblogic_server:7.0:sp5:win32", "cpe:/a:bea:weblogic_server:6.1:sp1:express", "cpe:/a:bea:weblogic_server:6.1:sp2:express", "cpe:/a:bea:weblogic_server:6.1:sp6:win32", "cpe:/a:bea:weblogic_server:6.1:sp2:win32", "cpe:/a:bea:weblogic_server:8.1:sp1:express", "cpe:/a:bea:weblogic_server:7.0:sp5:express", "cpe:/a:bea:weblogic_server:7.0:sp6:win32", "cpe:/a:bea:weblogic_server:7.0:sp3:express"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"osvdb": [{"id": "OSVDB:24027", "type": "osvdb", "title": "BEA WebLogic Non-canonicalized XML Processing DoS", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://dev2dev.bea.com/pub/advisory/183)\nSecurity Tracker: 1015790\n[Secunia Advisory ID:19310](https://secuniaresearch.flexerasoftware.com/advisories/19310/)\n[Related OSVDB ID: 24028](https://vulners.com/osvdb/OSVDB:24028)\nKeyword: BEA06-123.00\nFrSIRT Advisory: ADV-2006-1021\n[CVE-2006-1352](https://vulners.com/cve/CVE-2006-1352)\nBugtraq ID: 17167\n", "published": "2006-03-20T05:47:38", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:24027", "cvelist": ["CVE-2006-1352"], "lastseen": "2017-04-28T13:20:20"}]}}