Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-2579 (GCVE-0-2008-2579)
Vulnerability from cvelistv5 – Published: 2008-07-15 23:00 – Updated: 2024-08-07 09:05
VLAI?
EPSS
Summary
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "oracle-weblogic-plugins-unauth-access(43823)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "JVN#81667751",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31113"
},
{
"name": "JVNDB-2008-000040",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"name": "1020498",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "oracle-weblogic-plugins-unauth-access(43823)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "JVN#81667751",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31113"
},
{
"name": "JVNDB-2008-000040",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"name": "1020498",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "oracle-weblogic-plugins-unauth-access(43823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "JVN#81667751",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
},
{
"name": "JVNDB-2008-000040",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"name": "1020498",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2579",
"datePublished": "2008-07-15T23:00:00.000Z",
"dateReserved": "2008-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:05:30.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2008-2579
Vulnerability from fkie_nvd - Published: 2008-07-15 23:41 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:apache:*:*",
"matchCriteriaId": "E43B18F0-47F0-4C52-84A9-E16412AA11EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "BB1EAE5D-3785-4E81-938A-F958FDFC84EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:sun:*:*",
"matchCriteriaId": "ECF910A3-E34D-47BC-A3F8-08A217D58C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:apache:*:*",
"matchCriteriaId": "572464F2-BA8E-4959-8A7D-D28A236EECE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "5F252F84-01FE-4888-B53A-BFA6CAB26216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:sun:*:*",
"matchCriteriaId": "D1146945-531E-4580-8053-24BC56BE1373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:apache:*:*",
"matchCriteriaId": "90DDCE84-39A0-4803-9CE0-40DF773C0662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "EA030DC7-EF2A-4B79-ADB8-512B9CE8EF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:sun:*:*",
"matchCriteriaId": "21FBA4F6-EA8E-4F8A-A302-AB72071FD800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:apache:*:*",
"matchCriteriaId": "E8A8FA50-834E-456D-8C98-EE3E9C10A0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "1932701E-91D9-4CD4-B638-F08E2C31249A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:sun:*:*",
"matchCriteriaId": "0AB6AA30-6FEE-404B-AB02-86761D8292E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:apache:*:*",
"matchCriteriaId": "0546FC1E-398A-472B-9BCA-66E25C1609D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "4EA30379-D3CB-4855-B173-0D66F1A8DECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:sun:*:*",
"matchCriteriaId": "53F70A3E-F0CF-4E5F-BD0C-A2FCCD445751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:apache:*:*",
"matchCriteriaId": "7056642D-2BB6-46AA-811B-C1E13664D75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "90B880DB-DF75-4288-B851-3D89CA878B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:sun:*:*",
"matchCriteriaId": "BCC2A90C-0047-4B59-AF08-3BBA59AC9E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:apache:*:*",
"matchCriteriaId": "B1D6291B-8E48-4BCB-8A07-C3F5412C7428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "DD552EC5-347B-4531-8EEA-E59437EEA31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:sun:*:*",
"matchCriteriaId": "C9D10658-03C8-4851-8704-175BBB7311EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:apache:*:*",
"matchCriteriaId": "D830D8DD-1961-4253-8D46-799323AEB6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "C904ADAB-F88B-43F8-BB27-4C9C0F6B2852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:sun:*:*",
"matchCriteriaId": "A6E954B4-BE8D-4D01-A8CF-C41B7323B64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:apache:*:*",
"matchCriteriaId": "53D5FE9F-2257-45F0-A4DA-A5353EDC41B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "8D21D045-53F9-4C82-9E41-DF57E0501E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:sun:*:*",
"matchCriteriaId": "E6CE412C-27FE-46E7-A031-29E3CCE56F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:apache:*:*",
"matchCriteriaId": "F5D08F2B-0F07-4F47-B42E-B32CC08B41FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "FA064E05-4837-4889-BD06-1EB1DB2BF41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:sun:*:*",
"matchCriteriaId": "632C8D94-5C82-4811-A6DA-DC81C23A8933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:apache:*:*",
"matchCriteriaId": "6178B9BA-90B6-4125-A4D0-D61163964906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "FB4C2A78-CEF7-42A8-B14E-61A54D3CAECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:sun:*:*",
"matchCriteriaId": "D3E58951-01C8-4A15-A115-E640DC6CD6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:apache:*:*",
"matchCriteriaId": "DD9F4E94-5232-449E-B27E-5654FEB6B0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "A6E7775D-2A02-40EF-A94D-1C8316D7116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:sun:*:*",
"matchCriteriaId": "2DE7CBE2-37F1-4250-8ACF-6E7A1E29D2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:apache:*:*",
"matchCriteriaId": "2A3E3090-12B7-49F1-B33E-18F1CA875DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "1F430843-4C31-4CF9-B5F8-C4D2B61B2981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:sun:*:*",
"matchCriteriaId": "5DFC1E55-880C-481D-A4E0-24CFB6E7CC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:apache:*:*",
"matchCriteriaId": "87FAECDC-4B58-405D-AEF3-F7CD6706D07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "366A3C71-505F-49E3-8B06-D2E3DC8ED458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:sun:*:*",
"matchCriteriaId": "87646B76-6B7B-410E-8049-3492111CB52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:apache:*:*",
"matchCriteriaId": "00946481-536A-4202-8CAA-C36A234F1BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "AD51247A-3D9C-41F0-A339-BAFA12A6D9D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:sun:*:*",
"matchCriteriaId": "1239B3C8-657D-4E53-810E-69CCC42D3A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:apache:*:*",
"matchCriteriaId": "8E20FCB4-CFCD-4323-9455-B3EB781FEF42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "8776D7B7-64C7-46AC-B966-30468DA2501A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:sun:*:*",
"matchCriteriaId": "F4B3C431-7242-4F5E-969D-F5F0DA0A8F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:apache:*:*",
"matchCriteriaId": "71F17F89-E92B-4D9C-B716-7763BDB212C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "DEE183EF-7FDA-4A6C-9383-B146367B667F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:sun:*:*",
"matchCriteriaId": "AAFB9DFF-D096-4627-9DCA-1A5F67D44BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:apache:*:*",
"matchCriteriaId": "238D1D0F-E1F0-49DA-9109-98DAEF9B7BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "2E8DAAE1-DEB0-4121-BE3C-A1AE6CC05915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:sun:*:*",
"matchCriteriaId": "3D369B05-EB1C-45F7-BB27-B7FEE20E62A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:apache:*:*",
"matchCriteriaId": "0F79DAE8-413F-4287-BF51-680CB47F5E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "C2ABE1D8-7BAE-4B30-9B51-AEF2878F09C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:sun:*:*",
"matchCriteriaId": "1BF0B362-C5A6-41A6-B333-7835DEBD71A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:apache:*:*",
"matchCriteriaId": "39F54918-9C4D-40EF-A23E-47761DA374A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "175DD532-2221-4FF7-8B87-89F01B5D91E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:sun:*:*",
"matchCriteriaId": "2DB01146-81F5-45D1-9590-E37C4216618F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:apache:*:*",
"matchCriteriaId": "065415C0-1C0E-49D3-8F00-0BC703BE2F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "62E605DA-64A4-43B3-A9CC-8AB60636AFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:sun:*:*",
"matchCriteriaId": "D38D058D-0BBF-41FC-8BA7-6B318E0D9FD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:apache:*:*",
"matchCriteriaId": "F658C32E-C751-4D6E-ACB0-015B65B31BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "F72742DD-2682-4E7F-9A01-E93EF2C70F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:sun:*:*",
"matchCriteriaId": "E57BC804-B660-4165-8CD8-727254869133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:apache:*:*",
"matchCriteriaId": "6513014C-7DE6-4D28-852C-787A8E9CF970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "D8892EFD-2EB8-4FA5-84E1-447D47D608FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:sun:*:*",
"matchCriteriaId": "92808D75-AE0B-44A2-BC26-17B7BCBBA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:apache:*:*",
"matchCriteriaId": "675BDBAC-1956-493E-B493-BB6C098DA65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "875D5372-2807-42B2-8688-9160794E897E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:sun:*:*",
"matchCriteriaId": "1328142F-E9B8-4D44-B4F1-4CBC2FCB5504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:apache:*:*",
"matchCriteriaId": "AA0C1AEE-124D-41C9-815B-BCE5FA0B146C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "307716C2-D09B-4B43-9435-A62106909ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:sun:*:*",
"matchCriteriaId": "D4106FD7-CEB0-41E2-9A32-850C11F3A39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:apache:*:*",
"matchCriteriaId": "CF3915B8-1D82-4306-A7D4-0C72D04C653B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "D9F541C4-3A4B-4647-81A1-9BD6E106A0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:sun:*:*",
"matchCriteriaId": "9137FA52-1E72-495A-9440-05F4BA71CB04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:apache:*:*",
"matchCriteriaId": "E3A83D20-89F3-4D9C-9D21-E5A2FDBA248D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "D6B43644-C1D5-44AC-B6BF-9935EBC604C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:sun:*:*",
"matchCriteriaId": "247B2940-F6BC-417C-9D5A-46E0202900AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:apache:*:*",
"matchCriteriaId": "12D35456-F34C-49C3-86BB-C58D5F7C0616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "64A48C05-80EC-4103-8904-855A8EA3FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:sun:*:*",
"matchCriteriaId": "7F19C69B-64D3-4BF1-A5B0-4C42E00369FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:apache:*:*",
"matchCriteriaId": "C3E8FEAE-8F5D-417E-87CA-A56D05C08846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "07CB3132-5711-48C5-9528-FE020F2C4E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:sun:*:*",
"matchCriteriaId": "C2282A0E-2083-4676-8394-918011E047B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:apache:*:*",
"matchCriteriaId": "E40165F2-3278-4943-AE51-5699653BFDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "D022F5CD-9942-41AF-98A6-1EACFB83B760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:sun:*:*",
"matchCriteriaId": "22C9B7EA-1EA6-4FC9-82B1-75C03579001E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:apache:*:*",
"matchCriteriaId": "D008650F-05BF-435E-AC81-E42D38AD442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "6EA45D27-74DD-49BC-B574-B77F3186713B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:sun:*:*",
"matchCriteriaId": "1512C1C3-17BF-4BA5-A8FD-A3E469FB1A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:apache:*:*",
"matchCriteriaId": "D20F2359-2408-4517-AE0E-2CC9604C8F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "35E44B52-683E-4242-8FFC-C28448CE8ABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:sun:*:*",
"matchCriteriaId": "C4419213-8283-4C97-BEA5-793475FD03BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:apache:*:*",
"matchCriteriaId": "A33CB38D-6A2B-477A-B22B-6DE2BE96FB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:internet_information_services:*:*",
"matchCriteriaId": "A843E056-9160-4834-A5C5-A812EF0CB628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:sun:*:*",
"matchCriteriaId": "19C2ED85-0A82-41B2-A9B5-BCD35DD5EE97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente WebLogic Server Plugins para Apache, servidores web Sun e IIS en BEA Product Suite de Oracle versiones 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7 y 6.1 SP7, presenta un impacto desconocido y vectores de ataque remotos."
}
],
"id": "CVE-2008-2579",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-15T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31087"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31113"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020498"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTA-2008-AVI-367
Vulnerability from certfr_avis - Published: 2008-07-16 - Updated: 2008-07-16
De nombreuses vulnérabilités affectent les produits Oracle. L'exploitation de certaines d'entre elles permet à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Onze vulnérabilités affectent les bases de données Oracle Database. Deux sont exploitables localement. L'exploitation à distance des neuf autres demande une authentification préalable. Un utilisateur malveillant exploitant ces vulnérabilités peut exécuter du code arbitraire à distance ou accéder indûment aux données.
Trois vulnérabilités concernent Oracle TimesTen in-Memory Database. Leur exploitation permet à un utilisateur malveillant de provoquer un déni de service à distance, sans requérir d'authentification.
Neuf vulnérabilités affectent Oracle Application Server. Elle permettent à un utilisateur malveillant non authentifié de provoquer un déni de service à distance, de modifier ou de lire des données de manière illégitime.
Six vulnérabilités de E-businees Suite permettent de porter atteinte à la confidentialité ou à l'intégrité des données.
Deux vulnérabilités affectent Oracle Enterprise Manager. Leur exploitation permet à un utilisateur malveillant de porter atteinte à l'intégrité des données, à distance.
Sept vulnérabilités dans les produits Oracle PeopleSoft permettent à un utilisateur malveillant disposant d'une session valide de provoquer un déni de service à distance, de modifier ou de lire indûment des données.
Sept vulnérabilités sont présentes dans les serveurs Oracle WebLogic, dont quatre sont exploitables à distance sans authentification, une avec authentification et deux localement. Elles permettent à un utilisateur malveillant de provoquer un déni de service à distance, de modifier ou de lire des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Weblogic | Oracle Application Server 10g ; | ||
| Oracle | Weblogic | Oracle Hyperion Performance Suite 8.x ; | ||
| Oracle | Weblogic | Oracle E-business Suite 12 et 11i ; | ||
| Oracle | Weblogic | Oracle PeopleSoft Entreprise CRM 8.x et 9.x ; | ||
| Oracle | Weblogic | Oracle Hyperion Bi Plus 9.x ; | ||
| Oracle | Weblogic | Oracle Weblogic Server 6, 7,8,9 et 10.x. | ||
| Oracle | Weblogic | Oracle Database 11g, 10g et 9i ; | ||
| Oracle | Weblogic | Oracle Enterprise Manager Grid Control 10g ; | ||
| Oracle | Weblogic | Oracle PeopleSoft Entreprise PeopleTools 8.x ; | ||
| Oracle | Weblogic | Oracle Enterprise Manager Database Control 11 et 10g ; | ||
| Oracle | Weblogic | Oracle TimesTen in-Memory Database ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Application Server 10g ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Hyperion Performance Suite 8.x ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle E-business Suite 12 et 11i ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Entreprise CRM 8.x et 9.x ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Hyperion Bi Plus 9.x ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Weblogic Server 6, 7,8,9 et 10.x.",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database 11g, 10g et 9i ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Enterprise Manager Grid Control 10g ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft Entreprise PeopleTools 8.x ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Enterprise Manager Database Control 11 et 10g ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle TimesTen in-Memory Database ;",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nOnze vuln\u00e9rabilit\u00e9s affectent les bases de donn\u00e9es Oracle Database. Deux\nsont exploitables localement. L\u0027exploitation \u00e0 distance des neuf autres\ndemande une authentification pr\u00e9alable. Un utilisateur malveillant\nexploitant ces vuln\u00e9rabilit\u00e9s peut ex\u00e9cuter du code arbitraire \u00e0\ndistance ou acc\u00e9der ind\u00fbment aux donn\u00e9es.\n\nTrois vuln\u00e9rabilit\u00e9s concernent Oracle TimesTen in-Memory Database. Leur\nexploitation permet \u00e0 un utilisateur malveillant de provoquer un d\u00e9ni de\nservice \u00e0 distance, sans requ\u00e9rir d\u0027authentification.\n\nNeuf vuln\u00e9rabilit\u00e9s affectent Oracle Application Server. Elle permettent\n\u00e0 un utilisateur malveillant non authentifi\u00e9 de provoquer un d\u00e9ni de\nservice \u00e0 distance, de modifier ou de lire des donn\u00e9es de mani\u00e8re\nill\u00e9gitime.\n\nSix vuln\u00e9rabilit\u00e9s de E-businees Suite permettent de porter atteinte \u00e0\nla confidentialit\u00e9 ou \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n\nDeux vuln\u00e9rabilit\u00e9s affectent Oracle Enterprise Manager. Leur\nexploitation permet \u00e0 un utilisateur malveillant de porter atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es, \u00e0 distance.\n\nSept vuln\u00e9rabilit\u00e9s dans les produits Oracle PeopleSoft permettent \u00e0 un\nutilisateur malveillant disposant d\u0027une session valide de provoquer un\nd\u00e9ni de service \u00e0 distance, de modifier ou de lire ind\u00fbment des donn\u00e9es.\n\nSept vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans les serveurs Oracle WebLogic,\ndont quatre sont exploitables \u00e0 distance sans authentification, une avec\nauthentification et deux localement. Elles permettent \u00e0 un utilisateur\nmalveillant de provoquer un d\u00e9ni de service \u00e0 distance, de modifier ou\nde lire des donn\u00e9es.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-2621",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2621"
},
{
"name": "CVE-2008-2592",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2592"
},
{
"name": "CVE-2008-2577",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2577"
},
{
"name": "CVE-2008-2608",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2608"
},
{
"name": "CVE-2008-2607",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2607"
},
{
"name": "CVE-2008-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2597"
},
{
"name": "CVE-2008-2612",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2612"
},
{
"name": "CVE-2008-2606",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2606"
},
{
"name": "CVE-2008-2617",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2617"
},
{
"name": "CVE-2008-2605",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2605"
},
{
"name": "CVE-2008-2616",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2616"
},
{
"name": "CVE-2008-2578",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2578"
},
{
"name": "CVE-2008-2586",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2586"
},
{
"name": "CVE-2008-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2602"
},
{
"name": "CVE-2008-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2598"
},
{
"name": "CVE-2008-2596",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2596"
},
{
"name": "CVE-2008-2590",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2590"
},
{
"name": "CVE-2008-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2582"
},
{
"name": "CVE-2008-2610",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2610"
},
{
"name": "CVE-2008-2587",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2587"
},
{
"name": "CVE-2008-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2583"
},
{
"name": "CVE-2008-2594",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2594"
},
{
"name": "CVE-2008-2611",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2611"
},
{
"name": "CVE-2008-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2609"
},
{
"name": "CVE-2008-2595",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2595"
},
{
"name": "CVE-2008-2615",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2615"
},
{
"name": "CVE-2008-2580",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2580"
},
{
"name": "CVE-2008-2614",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2614"
},
{
"name": "CVE-2008-2593",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2593"
},
{
"name": "CVE-2008-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2581"
},
{
"name": "CVE-2008-2613",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2613"
},
{
"name": "CVE-2008-2585",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2585"
},
{
"name": "CVE-2008-2600",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2600"
},
{
"name": "CVE-2008-2604",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2604"
},
{
"name": "CVE-2008-2576",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2576"
},
{
"name": "CVE-2008-2620",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2620"
},
{
"name": "CVE-2008-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2588"
},
{
"name": "CVE-2007-1359",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1359"
},
{
"name": "CVE-2008-2584",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2584"
},
{
"name": "CVE-2008-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2603"
},
{
"name": "CVE-2008-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2618"
},
{
"name": "CVE-2008-2589",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2589"
},
{
"name": "CVE-2008-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2599"
},
{
"name": "CVE-2008-2591",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2591"
},
{
"name": "CVE-2008-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2601"
},
{
"name": "CVE-2008-2622",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2622"
},
{
"name": "CVE-2008-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2579"
}
],
"initial_release_date": "2008-07-16T00:00:00",
"last_revision_date": "2008-07-16T00:00:00",
"links": [
{
"title": "Bulletin de mise \u00e0 jour Oracle du 14 juillet 2008 :",
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2008.html"
}
],
"reference": "CERTA-2008-AVI-367",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De nombreuses vuln\u00e9rabilit\u00e9s affectent les produits \u003cspan\nclass=\"textit\"\u003eOracle\u003c/span\u003e. L\u0027exploitation de certaines d\u0027entre elles\npermet \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle et Weblogic",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin Oracle du 14 juillet 2008",
"url": null
}
]
}
GSD-2008-2579
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-2579",
"description": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.",
"id": "GSD-2008-2579"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-2579"
],
"details": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.",
"id": "GSD-2008-2579",
"modified": "2023-12-13T01:23:00.918332Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "oracle-weblogic-plugins-unauth-access(43823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "JVN#81667751",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
},
{
"name": "JVNDB-2008-000040",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"name": "1020498",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020498"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp1:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp2:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp4:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp5:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp6:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:6.1:sp7:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp1:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp2:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp4:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp5:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp6:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp1:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp2:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp4:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp5:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.0:maintenance_pack3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.1:maintenance_pack3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack2:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:apache:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:internet_information_services:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack1:*:*:*:sun:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2579"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31113",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31113"
},
{
"name": "1020498",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020498"
},
{
"name": "SSRT061201",
"refsource": "HP",
"tags": [
"Broken Link"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "31087",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "JVNDB-2008-000040",
"refsource": "JVNDB",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"name": "JVN#81667751",
"refsource": "JVN",
"tags": [
"Third Party Advisory"
],
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "oracle-weblogic-plugins-unauth-access(43823)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2020-10-14T13:18Z",
"publishedDate": "2008-07-15T23:41Z"
}
}
}
JVNDB-2008-000040
Vulnerability from jvndb - Published: 2008-07-24 14:22 - Updated:2008-07-24 14:22Summary
Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins
Details
WebLogic Server and WebLogic Express are application servers provided by Oracle (formerly BEA Systems, Inc.).
Plug-ins included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability.
WebLogic Server and WebLogic Express are application servers based on Java Platform Enterprise Edition 5 (JavaEE5) and provided by Oracle (formerly BEA Systems, Inc.). Plug-ins for Apache, Sun, and Microsoft IIS web servers which are included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability.
Due to the acquisition of BEA Systems, Inc. by Oracle on 2008 April 29, any security related information of BEA products will be included in Oracle Critical Patch Updates. For more information, please refer to the following pages.
Hirofumi Oka of NRI SecureTechnologies,Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000040.html",
"dc:date": "2008-07-24T14:22+09:00",
"dcterms:issued": "2008-07-24T14:22+09:00",
"dcterms:modified": "2008-07-24T14:22+09:00",
"description": "WebLogic Server and WebLogic Express are application servers provided by Oracle (formerly BEA Systems, Inc.).\r\nPlug-ins included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability. \r\n\r\nWebLogic Server and WebLogic Express are application servers based on Java Platform Enterprise Edition 5 (JavaEE5) and provided by Oracle (formerly BEA Systems, Inc.). Plug-ins for Apache, Sun, and Microsoft IIS web servers which are included in WebLogic Server and WebLogic Express contain a directory traversal vulnerability. \r\n\r\nDue to the acquisition of BEA Systems, Inc. by Oracle on 2008 April 29, any security related information of BEA products will be included in Oracle Critical Patch Updates. For more information, please refer to the following pages.\r\n\r\nHirofumi Oka of NRI SecureTechnologies,Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000040.html",
"sec:cpe": [
{
"#text": "cpe:/a:oracle:weblogic_express",
"@product": "Oracle WebLogic Express",
"@vendor": "Oracle Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:oracle:weblogic_server",
"@product": "Oracle WebLogic Server",
"@vendor": "Oracle Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000040",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN81667751/index.html",
"@id": "JVN#81667751",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/tr/TRJVN-2008-03/index.html",
"@id": "TRJVN-2008-03",
"@source": "JVNTR"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2579",
"@id": "CVE-2008-2579",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2579",
"@id": "CVE-2008-2579",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins"
}
GHSA-JVXH-GCPM-GM43
Vulnerability from github – Published: 2022-05-01 23:51 – Updated: 2022-05-01 23:51
VLAI?
Details
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
{
"affected": [],
"aliases": [
"CVE-2008-2579"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-07-15T23:41:00Z",
"severity": "HIGH"
},
"details": "Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.",
"id": "GHSA-jvxh-gcpm-gm43",
"modified": "2022-05-01T23:51:21Z",
"published": "2022-05-01T23:51:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2579"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43823"
},
{
"type": "WEB",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"type": "WEB",
"url": "http://jvn.jp/en/jp/JVN81667751/index.html"
},
{
"type": "WEB",
"url": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000040.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31087"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31113"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020498"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2115"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…