Lucene search

[email protected]CVE-2007-2705

HistoryMay 16, 2007 - 1:19 a.m.

CVE-2007-2705

2007-05-1601:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

bea weblogic

directory traversal

vulnerability

remote attackers

weblogic workshop

nvd

cve-2007-2705

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.008 Low

EPSS

Percentile

82.0%

JSON

Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when “deployed in an exploded format,” allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.

CPENameOperatorVersion
bea:weblogic_workshopbea weblogic workshopeq8.1
bea:weblogic_integrationbea weblogic integrationeq9.2

CPE	Name	Operator	Version
bea:weblogic_workshop	bea weblogic workshop	eq	8.1
bea:weblogic_integration	bea weblogic integration	eq	9.2

References

dev2dev.bea.com/pub/advisory/239

osvdb.org/36063

www.securitytracker.com/id?1018059

www.vupen.com/english/advisories/2007/1815

exchange.xforce.ibmcloud.com/vulnerabilities/34281

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2007-2705

cvelist1 prion1