Lucene search
+L

109 matches found

OSV
OSV
added 2015/11/18 3:59 p.m.3 views

UBUNTU-CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS7.6AI score0.96032EPSS
Exploits17References11
CVE
CVE
added 2015/11/18 3:0 p.m.2129 views

CVE-2015-4852

CVE-2015-4852 describes a remote code execution in Oracle WebLogic Server via deserialization of untrusted data in the WLS Security component. A crafted serialized Java object (via Apache Commons Collections) in T3 protocol traffic to TCP port 7001 can execute arbitrary commands. Affected version...

9.8CVSS8.4AI score0.96032EPSS
In wildExploits17References16Affected Software1
Vulnrichment
Vulnrichment
added 2015/11/18 3:0 p.m.17 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.4AI score0.96032EPSS
Exploits17References15
Cvelist
Cvelist
added 2015/11/18 3:0 p.m.65 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.3AI score0.96032EPSS
Exploits17References15
ATTACKERKB
ATTACKERKB
added 2015/11/18 12:0 a.m.377 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS8.6AI score0.96032EPSS
In wildExploits17References18
Positive Technologies
Positive Technologies
added 2015/11/18 12:0 a.m.4 views

PT-2015-2734

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.0 Description The issue allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle...

9.8CVSS7.6AI score0.96032EPSS
Exploits17References55
ThreatPost
ThreatPost
added 2014/04/02 1:26 p.m.17 views

Researchers Divulge 30 Oracle Java Cloud Service Bugs

Upset with the vulnerability handling process at Oracle, researchers yesterday disclosed more than two dozen outstanding issues with the company’s Java Cloud Service platform. Researchers at Security Explorations published two reports, complete with proof of concept codes, explaining 30 different...

0.1AI score
Exploits0References4
Cvelist
Cvelist
added 2006/04/01 2:0 a.m.22 views

CVE-2005-4765

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to...

6.8AI score0.02075EPSS
Exploits0References3
NVD
NVD
added 2005/12/31 5:0 a.m.17 views

CVE-2005-4765

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to...

7.6CVSS6.8AI score0.02075EPSS
Exploits0References3
Rows per page
Query Builder