10.0

DATE	CVE	VULNERABILITY TITLE	RISK
2008-02-22	CVE-2008-0900	Permissions, Privileges, and Access Controls vulnerability in multiple products Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors. network bea bea-systems CWE-264	6.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.