Express

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

bea

NVD

Published: 2003-12-31

Updated: 2008-09-10

Summary

BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 6.1 BEA Weblogic Server 7.0 BEA Weblogic Server 7.0.0.1 BEA Weblogic Server 8.1	42

References

http://dev2dev.bea.com/pub/advisory/25
http://www.securityfocus.com/bid/9034