Vulnerability CVE-2008-2581


Published: 2008-07-15   Modified: 2012-02-12

Description:
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.1/10
6.4/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Oracle -> Bea product suite 
Oracle -> Weblogic server component 

 References:
http://xforce.iss.net/xforce/xfdb/43824
http://www.vupen.com/english/advisories/2008/2115
http://www.vupen.com/english/advisories/2008/2109/references
http://www.securitytracker.com/id?1020498
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2008.html
http://secunia.com/advisories/31113
http://secunia.com/advisories/31087
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143

Copyright 2020, cxsecurity.com

 

Back to Top