Vulnerabilities > CVE-2008-0903 - Denial-Of-Service vulnerability in BEA Systems Weblogic Express and Weblogic Server

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

bea-systems

NVD

Published: 2008-02-22

Updated: 2011-03-08

Summary

Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.

Vulnerable Configurations

Part	Description	Count
Application	Bea_Systems BEA Systems Weblogic Express * BEA Systems Weblogic Server *	2

References

http://dev2dev.bea.com/pub/advisory/275
http://secunia.com/advisories/29041
http://www.securitytracker.com/id?1019450
http://www.vupen.com/english/advisories/2008/0608/references