Lucene search
+L

1841 matches found

securityvulns
securityvulns
added 2008/11/02 12:0 a.m.52 views

Oracle WebLogic Apache Connector buffer overflow

Buffer overflow on oversized HTTP request argument...

10CVSS3.1AI score0.56268EPSS
Exploits9References1Affected Software1
Saint
Saint
added 2008/10/31 12:0 a.m.81 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.8AI score0.56268EPSS
Exploits9
Saint
Saint
added 2008/10/31 12:0 a.m.171 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.5AI score0.56268EPSS
Exploits9
Saint
Saint
added 2008/10/31 12:0 a.m.89 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.7AI score0.56268EPSS
Exploits9
seebug.org
seebug.org
added 2008/10/20 12:0 a.m.91 views

Oracle 2008年10月紧急补丁更新修复多个漏洞

BUGTRAQ ID: 31683 CVECAN ID:...

10CVSS6.6AI score0.56268EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2008/08/18 12:0 a.m.60 views

Oracle WebLogic Server mod_wl POST Request Remote Overflow

The Apache web server running on the remote host includes a version of the WebLogic plug-in for Apache modwl that is affected by a buffer overflow. This is an Apache module included with Oracle formerly BEA WebLogic Server and used to proxy requests from an Apache HTTP server to WebLogic. A remot...

10CVSS5.8AI score0.83589EPSS
Exploits9References1
Check Point Advisories
Check Point Advisories
added 2008/08/03 12:0 a.m.45 views

Preemptive Protection against Oracle WebLogic Server Apache Connector HTTP Version String Buffer Vulnerability

A string buffer overflow vulnerability has been reported in Oracle BEA WebLogic Server Apache Connector. BEA WebLogic Server is a Java Application Server platform that supports various databases including Oracle. A remote attacker may exploit this vulnerability to execute arbitrary code on a...

10CVSS7.6AI score0.83589EPSS
Exploits9
CERT
CERT
added 2008/07/29 12:0 a.m.138 views

Oracle Weblogic Apache connector vulnerable to buffer overflow

Overview Oracle Weblogic formerly BEA Weblogic contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Weblogic Server and Weblogic Express applicaiton servers can be integrated with the Apache webserver usin...

10CVSS7.2AI score0.83589EPSS
Exploits9References4
Saint
Saint
added 2008/07/25 12:0 a.m.54 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
Saint
Saint
added 2008/07/25 12:0 a.m.41 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
Saint
Saint
added 2008/07/25 12:0 a.m.56 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
Saint
Saint
added 2008/07/25 12:0 a.m.48 views

Oracle WebLogic Server Apache Connector POST buffer overflow

Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.8AI score0.83589EPSS
Exploits9
seebug.org
seebug.org
added 2008/07/23 12:0 a.m.30 views

Oracle Weblogic Apache连接器POST请求远程栈溢出漏洞

BUGTRAQ ID: 30273 WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 WebLogic的Apache连接器实现上存在漏洞,如果远程攻击者向WebLogic的Apache连接器发送了超长的POST请求的话,就可能触发栈溢出,导致执行任意指令。 Oracle WebLogic Server Oracle ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.oracle.com http://www.sebug.net/exploit/4269/...

6.9AI score
Exploits0
Prion
Prion
added 2008/07/22 4:41 p.m.27 views

Stack overflow

Stack-based buffer overflow in the Apache Connector modwl in Oracle WebLogic Server formerly BEA WebLogic Server 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request...

10CVSS7.9AI score0.83589EPSS
Exploits9References12Affected Software1
CVE
CVE
added 2008/07/22 4:0 p.m.128 views

CVE-2008-3257

CVE-2008-3257 describes a stack-based buffer overflow in the Oracle WebLogic Server Apache Connector (mod_wl) that affects WebLogic Server 10.3 and earlier. The overflow occurs when handling a long HTTP version string in a POST request, allowing remote attackers to potentially execute arbitrary c...

10CVSS7.4AI score0.83589EPSS
Exploits9References12Affected Software4
Cvelist
Cvelist
added 2008/07/22 4:0 p.m.44 views

CVE-2008-3257

Stack-based buffer overflow in the Apache Connector modwl in Oracle WebLogic Server formerly BEA WebLogic Server 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request...

7.5AI score0.83589EPSS
Exploits9References12
Cvelist
Cvelist
added 2008/07/15 11:0 p.m.20 views

CVE-2008-2581

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer...

5.9AI score0.01748EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2007/10/18 12:0 a.m.40 views

Solaris 8 (sparc) : 124672-20

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful...

5CVSS6.3AI score0.68914EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.34 views

Solaris 10 (sparc) : 124672-20 (deprecated)

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful...

6.4AI score0.68914EPSS
Exploits9References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.51 views

Solaris 9 (x86) : 124673-20

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful...

5CVSS6.3AI score0.68914EPSS
Exploits9References4
Rows per page
Query Builder