Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:7EAFE6F06DA5302D7D061FB333FFAC02
HistoryOct 31, 2008 - 12:00 a.m.

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

2008-10-3100:00:00
SAINT Corporation
www.saintcorporation.com
38

0.97 High

EPSS

Percentile

99.7%

JSON

Added: 10/31/2008
CVE: CVE-2008-4008
BID: 31683
OSVDB: 49283

Background

Oracle WebLogic Server (formerly BEA WebLogic Server) is a Java web application platform.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted Transfer-Encoding header in an HTTP request.

Resolution

Install the latest WebLogic Server plug-in referenced in the Oracle Security Advisory.

References

<https://support.bea.com/application_content/product_portlets/securityadvisories/2806.html&gt;

Limitations

Exploit works on the WebLogic Server Connector for Apache 1.0.1136334.

Platforms

Windows

Related

nessus 1
cvelist 1
packetstorm 1
seebug 2
saint 3
cve 1
prion 1
securityvulns 2
checkpoint_advisories 1
oracle 2
nessus
nessus
Oracle WebLogic Server mod_wl Invalid Parameter Remote Overflow (1150354)
2008-11-16 00:00:00
cvelist
cvelist
CVE-2008-4008
2008-10-14 21:00:00
packetstorm
packetstorm
BEA Weblogic Transfer-Encoding Buffer Overflow
2009-11-26 00:00:00
seebug
seebug
Oracle WebLogic Apache连接器远程缓冲区溢出漏洞
2008-11-04 00:00:00
Oracle 2008年10月紧急补丁更新修复多个漏洞
2008-10-20 00:00:00
saint
saint
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
cve
cve
CVE-2008-4008
2008-10-14 21:11:00
prion
prion
Stack overflow
2008-10-14 21:11:00
securityvulns
securityvulns
iDefense Security Advisory 10.31.08: Oracle WebLogic Apache Connector
2008-11-02 00:00:00
Oracle WebLogic Apache Connector buffer overflow
2008-11-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle BEA WebLogic Server Apache Connector Buffer Overflow (CVE-2008-4008)
2009-12-17 00:00:00
oracle
oracle
CPUOct2008 Advisory
2008-10-14 00:00:00
CPU Jan 2009
2009-01-13 00:00:00

0.97 High

EPSS

Percentile

99.7%

JSON
Related for SAINT:7EAFE6F06DA5302D7D061FB333FFAC02
nessus1cvelist1packetstorm1seebug2saint3cve1prion1securityvulns2checkpoint_advisories1oracle2