CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

BEA : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2008-0901 255 2008-02-22 2008-09-05
7.1
None Remote Medium Not required Complete None None
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
2 CVE-2008-0897 264 Bypass 2008-02-22 2008-09-05
7.9
None Remote Medium Single system Complete Complete None
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions.
3 CVE-2008-0870 59 2008-02-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
4 CVE-2007-6384 287 2007-12-14 2008-11-15
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors.
5 CVE-2007-4618 DoS 2007-08-30 2008-11-15
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote attackers to cause a denial of service (disk consumption) via certain malformed HTTP headers.
6 CVE-2007-4617 DoS 2007-08-30 2008-11-15
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote attackers to cause a denial of service (server thread hang) via unspecified vectors.
7 CVE-2007-4614 264 Bypass 2007-08-30 2008-11-13
7.5
None Remote Low Not required Partial Partial Partial
BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426.
8 CVE-2007-2705 Dir. Trav. 2007-05-15 2012-11-05
7.8
None Remote Low Not required Complete None None
Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
9 CVE-2007-2699 2007-05-15 2008-11-15
7.1
Admin Remote High Single system Complete Complete Complete
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
10 CVE-2007-0432 Bypass 2007-01-22 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities.
11 CVE-2007-0425 Overflow +Priv 2007-01-22 2008-11-13
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an "overflow condition," probably a buffer overflow.
12 CVE-2007-0418 2007-01-22 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods.
13 CVE-2007-0416 Bypass 2007-01-22 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security.
14 CVE-2007-0408 2007-01-22 2008-11-13
7.5
User Remote Low Not required Partial Partial Partial
BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate.
15 CVE-2006-2470 Bypass 2006-05-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow attackers to bypass intended policies.
16 CVE-2006-2469 +Priv 2006-05-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows attackers to gain privileges.
17 CVE-2006-0428 2006-01-25 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), allows remote attackers to access restricted web resources via crafted URLs.
18 CVE-2006-0426 +Priv 2006-01-25 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges.
19 CVE-2006-0423 +Priv 2006-01-25 2009-09-16
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cleartext in the config.xml file, which allows attackers to gain privileges.
20 CVE-2005-4765 2005-12-31 2008-09-05
7.6
Admin Remote High Not required Complete Complete Complete
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to sniff the connection.
21 CVE-2005-4764 DoS 2005-12-31 2008-09-05
7.8
None Remote Low Not required Complete None None
BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins).
22 CVE-2005-4763 2005-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier, when Internet Inter-ORB Protocol (IIOP) is used, sometimes include a password in an exception message that is sent to a client or stored in a log file, which might allow remote attackers to perform unauthorized actions.
23 CVE-2005-4762 +Priv 2005-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier sometimes stores the boot password in the registry in cleartext, which might allow local users to gain administrative privileges.
24 CVE-2005-4757 Bypass 2005-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass intended servlet protections.
25 CVE-2005-4756 +Priv 2005-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to gain privileges.
26 CVE-2005-4750 DoS 2005-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP5 and earlier, and 6.1 SP7 and earlier allow remote attackers to cause a denial of service (server thread hang) via unknown attack vectors.
27 CVE-2005-1744 2005-05-24 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without having to log in again, which may be in violation of newly changed security constraints or role mappings.
28 CVE-2005-1743 2005-05-24 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions.
29 CVE-2004-1755 +Priv 2004-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges.
30 CVE-2004-0711 Bypass 2004-07-27 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected.
31 CVE-2004-0652 2004-08-06 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.
32 CVE-2004-0470 2004-07-07 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not have a principal-name tag, which can remove intended access restrictions for the associated web application.
33 CVE-2004-0204 Dir. Trav. 2004-08-06 2013-09-10
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
34 CVE-2003-1094 Exec Code +Priv 2003-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges.
35 CVE-2003-0151 Exec Code 2003-03-24 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.
36 CVE-2002-2142 2002-12-31 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension.
37 CVE-2002-2141 2002-12-31 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB) on more than one server, will remove the security constraints and roles on all servers for any Servlets or EJB that are used by an application that is undeployed on one server, which could allow remote attackers to conduct unauthorized activities in violation of the intended restrictions.
38 CVE-2000-1238 Bypass 2000-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
Total number of vulnerabilities : 38   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.