CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 2CVE-2008-5457 – BEA WebLogic - JSESSIONID Cookie Value Overflow
https://notcve.org/view.php?id=CVE-2008-5457
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle BEA WebLogic Server Plugins para Apache, Sun y IIS web servers en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0 y SP7 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • https://www.exploit-db.com/exploits/16762 https://www.exploit-db.com/exploits/8336 http://secunia.com/advisories/33526 http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html http://www.securityfocus.com/bid/33177 http://www.securitytracker.com/id?1021571 http://www.vupen.com/english/advisories/2009/0115 •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-4010
https://notcve.org/view.php?id=CVE-2008-4010
Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI tags." Una vulnerabilidad no especificada en el componente WebLogic Workshop en BEA Product Suite versiones 10.3, 10.2, 10.0 MP1, 9.2 MP3 y 8.1 SP6, permite a los atacantes remotos afectar a la confidencialidad, integridad y disponibilidad por medio de desconocidos vectores relacionados con "some NetUI tags". • http://secunia.com/advisories/32302 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021056 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45909 https://support.bea.com/application_content/product_portlets/securityadvisories/2803.html •
CVSS: 10.0EPSS: 97%CPEs: 8EXPL: 1CVE-2008-4008 – BEA Weblogic - Transfer-Encoding Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4008
Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter. Una vulnerabilidad sin especificar en el plugin de WebLogic Server para el componente Apache del BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, y 6.1 SP7 permite afectar la confidencialidad, integridad y disponibilidad a atacantes remotos a través de vectores desconocidos. • https://www.exploit-db.com/exploits/16796 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=751 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securitytracker.com/id?1021056 http://www.vupen.com/english/advisories/2008/2825 •