Vulnerabilities > BEA > Weblogic Server > 9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-31 | CVE-2007-4616 | Information Disclosure vulnerability in BEA WebLogic Server Null Cipher Suite The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP1, and 10.0 sometimes selects the null cipher when no other cipher is compatible between the server and client, which might allow remote attackers to intercept communications. | 6.4 |
2007-08-31 | CVE-2007-4615 | Information Disclosure vulnerability in BEA WebLogic Server Null Cipher Suite The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote attackers to intercept communications. | 6.4 |
2007-05-16 | CVE-2007-2704 | Denial-Of-Service vulnerability in BEA Weblogic Server 9.0/9.1/9.2 BEA WebLogic Server 9.0 through 9.2 allows remote attackers to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket. | 5.4 |
2007-01-23 | CVE-2007-0422 | Products Multiple vulnerability in BEA Weblogic Server 9.0/9.1/9.2 BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote attackers to cause a denial of service (server inaccessibility) via manipulated socket connections. | 5.0 |
2007-01-23 | CVE-2007-0420 | Products Multiple vulnerability in BEA Weblogic Server 9.0/9.1/9.2 BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests. | 5.0 |
2007-01-23 | CVE-2007-0411 | Products Multiple vulnerability in BEA BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack. network bea | 6.8 |