2 matches found
Oracle WebLogic Server Session Fixation (CVE-2010-4437)
A Remote attacker can exploit this vulnerability by enticing an unsuspecting user to first open a specially crafted web page and then log in to the target service. A session fixation vulnerability has been reported in Oracle WebLogic Server. This is a session fixation vulnerability. The...
CVE-2010-4437
CVE-2010-4437 affects Oracle WebLogic Server (Oracle Fusion Middleware) versions 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3. The connected advisories describe a vulnerability in the Servlet Container handling that enables a session fixation scenario via HTTP POST requests. An attacker entices a user...