Page 2 of 17 results (0.012 seconds)

CVSS: 4.1EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Data Service Integrator (AquaLogic Data Services Platform) en BEA Product Suite v10.3.0, v3.2, v3.0.1, and v3.0 que permite a los usuario locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://osvdb.org/53760 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.oracle.com/technology/deploy/security/wls-security/1005.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022059 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite v10.3, v10.0 MP1, v9.2 MP3, v9.1, v9.0, v8.1 SP6, y v7.0 SP7 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad, relacionada con IIS. • http://osvdb.org/53765 http://secunia.com/secunia_research/2009-22 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.oracle.com/technology/deploy/security/wls-security/1012.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022059 http://www.us-cert.gov/cas/techalerts/TA09-105A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/64935 •

CVSS: 5.8EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite v10.3, v10.0 MP1, v9.2 MP3, v9.1, v9.0, v8.1 SP6, y v7.0 SP7 permite a los atacantes afectar a la confidencialidad e integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.oracle.com/technology/deploy/security/wls-security/1002.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022059 http://www.us-cert.gov/cas/techalerts/TA09-105A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/50052 •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Portal en BEA Product Suite v8.1 SP6 que permite a los usuarios autenticados afectar a la confidencialidad e integridad a través de vectores desconocidos. • http://osvdb.org/53767 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.oracle.com/technology/deploy/security/wls-security/1001.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022059 http://www.us-cert.gov/cas/techalerts/TA09-105A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/50053 •

CVSS: 6.8EPSS: 1%CPEs: 7EXPL: 0

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is cross-site scripting. Una vulnerabilidad no especificada en el componente WebLogic Server de Product Suite de BEA versiones 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 y SP7, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad relacionada a WLS. NOTA: la información anterior fue obtenida de la CPU de enero de 2009. • http://jvn.jp/en/jp/JVN93431860/index.html http://secunia.com/advisories/33526 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html http://www.securityfocus.com/bid/33177 http://www.securitytracker.com/id?1021571 http://www.vupen.com/english/advisories/2009/0115 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •