RSS   Vulnerabilities for 'Weblogic express'   RSS

2008-02-22
 
CVE-2008-0903

CWE-noinfo
 

 
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.

 
 
CVE-2008-0900

CWE-264
 

 
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.

 

 >>> Vendor: Bea systems 8 Products
Weblogic server
Weblogic portal
Aqualogic interaction
Plumtree foundation
Weblogic
Weblogic express
Plumtree collaboration
Apache connector in weblogic server


Copyright 2024, cxsecurity.com

 

Back to Top