{"type": "osvdb", "published": "2004-09-13T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:9975", "bulletinFamily": "software", "cvss": {"vector": "NONE", "score": 0.0}, "viewCount": 1, "edition": 1, "reporter": "BEA Systems()", "title": "BEA WebLogic HTTP Header Version Information Disclosure", "affectedSoftware": [{"operator": "eq", "version": "7.0 SP5", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "8.1 SP1", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "7.0 SP2", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "7.0 SP3", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP5", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP6", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "7.0", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "8.1", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "7.0 SP4", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "8.1 SP2", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP1", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP2", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "7.0 SP1", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP3", "name": "WebLogic Server and WebLogic Express"}, {"operator": "eq", "version": "6.1 SP4", "name": "WebLogic Server and WebLogic Express"}], "enchantments": {"score": {"value": 0.4, "vector": "NONE", "modified": "2017-04-28T13:20:05", "rev": 2}, "dependencies": {"references": [], "modified": "2017-04-28T13:20:05", "rev": 2}, "vulnersScore": 0.4}, "references": [], "id": "OSVDB:9975", "lastseen": "2017-04-28T13:20:05", "cvelist": [], "modified": "2004-09-13T00:00:00", "description": "## Vulnerability Description\nWebLogic Server and WebLogic Express contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker sends an HTTP request occurs, which will disclose the server version resulting in a loss of confidentiality.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, BEA Systems has released a patch to address this vulnerability.\n## Short Description\nWebLogic Server and WebLogic Express contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker sends an HTTP request occurs, which will disclose the server version resulting in a loss of confidentiality.\n## References:\nVendor URL: http://www.bea.com/\n[Vendor Specific Advisory URL](http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04-70.00.jsp)\n[Secunia Advisory ID:12524](https://secuniaresearch.flexerasoftware.com/advisories/12524/)\n[Related OSVDB ID: 9974](https://vulners.com/osvdb/OSVDB:9974)\n[Related OSVDB ID: 9978](https://vulners.com/osvdb/OSVDB:9978)\n[Related OSVDB ID: 9972](https://vulners.com/osvdb/OSVDB:9972)\n[Related OSVDB ID: 9973](https://vulners.com/osvdb/OSVDB:9973)\n[Related OSVDB ID: 9976](https://vulners.com/osvdb/OSVDB:9976)\n[Related OSVDB ID: 9977](https://vulners.com/osvdb/OSVDB:9977)\nKeyword: BEA04-70.00\n"}

{}