Code injection

2008-02-2221:44:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.5%

JSON

Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.

CPENameOperatorVersion
weblogic_expressle10.0
weblogic_serverle10.0

CPE	Name	Operator	Version
	weblogic_express	le	10.0
	weblogic_server	le	10.0

References

dev2dev.bea.com/pub/advisory/275

secunia.com/advisories/29041

www.securitytracker.com/id?1019450

www.vupen.com/english/advisories/2008/0608/references