Lucene search
K

9 matches found

Circl
Circl
added 2010/07/08 12:0 a.m.24 views

CVE-2008-4008

creationtimestamp| type| source ---|---|--- 2010-07-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16796 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/beaweblogictransferencoding.rb 2025-02-06...

10CVSS5.7AI score0.56268EPSS
Exploits9References2
Exploit DB
Exploit DB
added 2010/07/08 12:0 a.m.52 views

BEA Weblogic - Transfer-Encoding Buffer Overflow (Metasploit)

$Id: beaweblogictransferencoding.rb 9744 2010-07-08 23:34:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

10CVSS7AI score0.56268EPSS
Exploits9
Check Point Advisories
Check Point Advisories
added 2009/12/17 12:0 a.m.19 views

Oracle BEA WebLogic Server Apache Connector Buffer Overflow (CVE-2008-4008)

Oracle BEA WebLogic Server is an enterprise-class multi-tier Java Application Server platform. WebLogic is typically used as the platform for large enterprise web applications. It supports various databases including Oracle, DB2, Microsoft SQL Server, MySQL and other JDBC-compliant databases. The...

10CVSS8.3AI score0.56268EPSS
Exploits9
Packet Storm
Packet Storm
added 2009/11/26 12:0 a.m.61 views

BEA Weblogic Transfer-Encoding Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'BEA Weblogic...

10CVSS1AI score0.56268EPSS
Exploits9
seebug.org
seebug.org
added 2008/11/04 12:0 a.m.65 views

Oracle WebLogic Apache连接器远程缓冲区溢出漏洞

CVECAN ID: CVE-2008-4008 WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 WebLogic的Apache连接器实现上存在漏洞,模块做处理请求所带的畸形参数时,未进行长度检查就把字符串拷贝到固定长度的栈缓冲区中,远程攻击者可能利用此漏洞触发栈溢出,导致执行任意指令。 Oracle WebLogic Server Oracle ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

10CVSS6.4AI score0.56268EPSS
Exploits9
Saint
Saint
added 2008/10/31 12:0 a.m.71 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.7AI score0.56268EPSS
Exploits9
Saint
Saint
added 2008/10/31 12:0 a.m.170 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.5AI score0.56268EPSS
Exploits9
Saint
Saint
added 2008/10/31 12:0 a.m.66 views

Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow

Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.8AI score0.56268EPSS
Exploits9
CVE
CVE
added 2008/10/14 9:0 p.m.81 views

CVE-2008-4008

CVE-2008-4008 describes a stack-based buffer overflow in the BEA WebLogic Server Apache Connector (mod_wl) affecting WebLogic Server–Apache integration. Affected BEA/Oracle WebLogic versions include 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7. The overflow arises in the Apach...

10CVSS6.3AI score0.56268EPSS
Exploits9References4Affected Software1
Rows per page
Query Builder