Vulnerabilities > BEA > Weblogic Server > 6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2142 | Unspecified vulnerability in BEA Weblogic Integration and Weblogic Server An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension. | 7.5 |
| 2002-10-04 | CVE-2002-1030 | Denial of Service vulnerability in BEA Systems WebLogic Server and Express Race Condition Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. | 2.6 |
| 2002-03-25 | CVE-2002-0106 | Denial of Service vulnerability in BEA Weblogic Server 6.1 BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. | 5.0 |