Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

0day.today
0day.todayadded 2012/05/18 12:0 a.m.53 views

Oracle Weblogic Apache Connector POST Request Buffer Overflow

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

7.1AI score0.83589EPSS
Exploits9
Metasploit
Metasploitadded 2012/05/17 8:28 a.m.34 views

Oracle Weblogic Apache Connector POST Request Buffer Overflow

This module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting a buffer overflow due to the insecure usage of sprintf. Currently, this module works over Windows systems without DEP, and h...

10CVSS7.4AI score0.83589EPSS
Exploits9
CERT
CERTadded 2008/07/29 12:0 a.m.133 views

Oracle Weblogic Apache connector vulnerable to buffer overflow

Overview Oracle Weblogic formerly BEA Weblogic contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Weblogic Server and Weblogic Express applicaiton servers can be integrated with the Apache webserver usin...

10CVSS7.2AI score0.83589EPSS
Exploits9References4
Saint
Saintadded 2008/07/25 12:0 a.m.36 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
Cvelist
Cvelistadded 2008/07/22 4:0 p.m.41 views

CVE-2008-3257

Stack-based buffer overflow in the Apache Connector modwl in Oracle WebLogic Server formerly BEA WebLogic Server 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request...

7.5AI score0.83589EPSS
Exploits9References12
CVE
CVEadded 2008/07/22 4:0 p.m.123 views

CVE-2008-3257

CVE-2008-3257 describes a stack-based buffer overflow in the Oracle WebLogic Server Apache Connector (mod_wl) that affects WebLogic Server 10.3 and earlier. The overflow occurs when handling a long HTTP version string in a POST request, allowing remote attackers to potentially execute arbitrary c...

10CVSS7.4AI score0.83589EPSS
Exploits9References12Affected Software4
Circl
Circladded 2008/07/17 12:0 a.m.11 views

CVE-2008-3257

creationtimestamp| type| source ---|---|--- 2008-07-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6089 2012-05-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18897 2018-05-29 15:50:33+00:00| seen|...

10CVSS5.7AI score0.83589EPSS
Exploits9References3
Rows per page
Query Builder