Published: 13/07/2010 Updated: 30/10/2018

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 645

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and integrity, related to IIS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle weblogic server 10.3.2.0.0
bea weblogic server 9.2
bea weblogic server 9.0
bea weblogic server 9.1
bea systems weblogic server 10.0
oracle weblogic server 10.3.3.0.0
bea weblogic server 7.0
bea weblogic server 8.1

source: wwwsecurityfocuscom/bid/41620/info Oracle WebLogic Server is prone to a remote vulnerability The vulnerability can be exploited over the 'HTTP' protocol For an exploit to succeed, the attacker must have 'Plugins for Apache, Sun and IIS web servers' privileges This vulnerability affects the following supported versions: 70 SP ...

Virtual Security Research, LLC Security Advisory - Over the last several years, VSR analysts had observed unusual behavior in multiple WebLogic deployments when certain special characters were URL encoded and appended to URLs In late April, 2010 VSR began researching this more in depth and found that the issue could allow for HTTP header injectio ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html https://nvd.nist.gov https://www.exploit-db.com/exploits/34312/

CVE-2010-2375

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect