82 matches found
EUVD-2003-1213
Malware in sbrugna...
EUVD-2006-0428
Malware in sbrugna...
EUVD-2006-0438
Malware in sbrugna...
EUVD-2006-0439
Malware in sbrugna...
EUVD-2005-4758
Malware in sbrugna...
EUVD-2004-2686
Malware in sbrugna...
EUVD-2005-4752
Malware in sbrugna...
SUSE CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are...
BEA Systems WebLogic Server and Express 7.0 Null Character DoS
No description provided by source. source: http://www.securityfocus.com/bid/4646/info BEA Systems WebLogic Server is an enterprise level web and wireless application server for Microsoft Windows and most Unix and Linux distributions. BEA WebLogic Express provides a platform for serving dynamic da...
BEA Systems WebLogic Express 3.1.8/4/5 Source Code Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have an assigned servlet. If an ht...
Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins
Overview WebLogic Server and WebLogic Express are application servers provided by Oracle formerly BEA Systems, Inc.. Plug-ins included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability. WebLogic Server and WebLogic Express are application servers based on Java...
JVN#81667751 Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins
WebLogic Server and WebLogic Express are application servers based on Java Platform Enterprise Edition 5 JavaEE5 and provided by Oracle formerly BEA Systems, Inc.. Plug-ins for Apache, Sun, and Microsoft IIS web servers which are included in WebLogic Server and WebLogic Express contain a director...
CVE-2008-0863
BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks...
Code injection
BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks...
CVE-2008-0863
BEA WebLogic Server and WebLogic Express 9.0/9.1 expose the web service WSDL and security policies, allowing remote retrieval of sensitive information and the potential to launch further attacks. Affected component: WebLogic web services configuration; root cause: exposed WSDL/security policy end...
CVE-2004-2696
BEA WebLogic Server/Express versions 6.1, 7.0, and 8.1 with RMI over IIOP are affected. The issue arises when multiple logins from the same client occur, potentially causing an incorrect or “unexpected user identity” to be used in an RMI call. The available documents describe the affected product...
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote attackers to more easily conduct brute-force attacks against the...
BEA JRockit Java虚拟机未明堆栈缓冲区溢出漏洞
BEA JRockit JDK为开发和运行使用Java语言编写的应用程序提供了各种工具、实用程序和一个完整的运行时环境。 BEA JRockit在特殊环境下存在溢出问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 BEA WebLogic Server 8.1 BEA WebLogic Platform 8.1 BEA WebLogic Express 8.1 BEA JRockit 1.4.205 补丁下载: BEA WebLogic Server 8.1 BEA WebLogic Server...
CVE-2005-4749
CVE-2005-4749 describes an HTTP request smuggling vulnerability in BEA WebLogic Server and WebLogic Express. Affected products include WebLogic Server/Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier. The flaw allows remote attackers to inject arbitrary HTTP headers via u...
CVE-2005-4761
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier log the Java command line at server startup, which might include sensitive information passwords or keyphrases in the server log file when the -D option is used...