CVE-2010-4437

Published: 19/01/2011 Updated: 17/08/2017
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 585
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Servlet Container.

Vulnerable Product

oracle fusion middleware 9.0

oracle fusion middleware 9.1

oracle fusion middleware 10.0.2

oracle fusion middleware 10.3.2

oracle fusion middleware 10.3.3

oracle fusion middleware 9.2.4

Exploits

Name: Oracle WebLogic – Session Fixation Via HTTP POST Request
Vendor Website: www.oracle.com/
Date Released: 11 March 2011 – CVE-2010-4437
Affected Software: Oracle WebLogic Server 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, 10.3.3
Researcher: Roberto Suggi Liverani
Description: Oracle WebLogic servlet session cookie can be fixated via HTTP POST reque ...