CVE-2002-2177

2005-11-1621:17:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote attackers to obtain sensitive information that was intended for other users.

References

dev2dev.bea.com/pub/advisory/38

www.iss.net/security_center/static/10221.php

www.securityfocus.com/bid/5819