Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 6.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1438
Race condition in BEA WebLogic Server and Express 5.1 up to and including 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended f...
Bea Weblogic Server 7.0
Bea Weblogic Server 5.1
Bea Weblogic Server 6.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
NA
CVE-2006-2469
The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and password in cleartext in the WebLogic Server log when access to a web application or protected JWS fails, which allows malicious users to gain privileges.
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 7.0
Bea Weblogic Server 6.0
NA
CVE-2003-1290
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote malicious users to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI).
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
NA
CVE-2003-0151
BEA WebLogic Server and Express 6.0 up to and including 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote malicious users to read arbitrary files or execute arbitrary code.
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0.0.1
NA
CVE-2002-1030
Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote malicious users to cause a denial of service (crash) via a flood of data and connections.
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0
NA
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
NA
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
NA
CVE-2002-2142
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 up to and including 7.0.0.1, does not prepend a "/" character in certain URL pa...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Integration 7.0
NA
CVE-2007-4618
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote malicious users to cause a denial of service (disk consumption) via certain malformed HTTP headers.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.0
NA
CVE-2005-1742
BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »