61 matches found
Artemis: Deserialization of untrusted input vulnerability
It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
Artemis: Deserialization of untrusted input vulnerability
It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
The vulnerability of Oracle WebLogic Server application servers allows attackers to compromise the integrity, availability, and confidentiality of information.
The vulnerability of the Oracle WebLogic Server application server is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to compromise the integrity, availability, and confidentiality of information by manipulating the Java Messaging Service...
Oracle WebLogic Server Java Object Deserialization RCE (April 2016 CPU)
The remote Oracle WebLogic Server is affected by a remote code execution vulnerability in the Java Messaging Service subcomponent in the readExternal function due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted object payload, t...
Oracle WebLogic Server Multiple Vulnerabilities (April 2016 CPU)
Binary data oracleweblogicservercpuapr2016.nbin...
Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Component (CNVD-2016-02481)
Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, of which Oracle WebLogic Server is an application server component for both cloud and traditional environments. An unspecified vulnerability exists in the Jav...
CVE-2016-0638
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service...
Design/Logic Flaw
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service...
CVE-2016-0638
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service...
CVE-2016-0638
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service...
CVE-2016-0638
CVE-2016-0638 affects Oracle WebLogic Server in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1. The vulnerability lies in the Java Messaging Service component and allows remote attackers to impact confidentiality, integrity, and availability (C/P/I) via network vectors. The CVSS v3 b...
Unspecified Vulnerability in Oracle WebLogic WLS Java Messaging Service Component
Oracle WebLogic server is an application server platform for building and running enterprise applications and services. An unspecified vulnerability exists in the WLS Java Messaging Service component inside Oracle WebLogic, which could be exploited by remote attackers to gain access to data, modi...
CVE-2016-0573
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service...
CVE-2016-0573
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service...
Design/Logic Flaw
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service...
CVE-2016-0573
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service...
Apache ActiveMQ Arbitrary Code Execution Vulnerability
Apache ActiveMQ is the United States Apache Apache Software Foundation developed a set of open source messaging middleware , which supports Java messaging services , clustering , Spring Framework and so on. Apache ActiveMQ 5.13.0 before 5.x version of a security vulnerability , the vulnerability...
CVE-2008-5098
Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-2904...
CVE-2008-5098
Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-2904...
CVE-2007-2904
Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653...