ID CVE-2016-3445
Summary Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-5488.
References
Vulnerable Configurations
  • Oracle Weblogic Server 10.3.6.0.0
    cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0
  • Oracle Weblogic Server 12.1.3.0.0
    cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0
CVSS
Base: 5.0 (as of 23-11-2016 - 13:37)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family Misc.
NASL id ORACLE_WEBLOGIC_SERVER_CPU_JUL_2016.NASL
description The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2016-3445) - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3499) - A remote code execution vulnerability exists in the WLS Core component due to unsafe deserialize calls to the weblogic.corba.utils.MarshallObject object. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code. (CVE-2016-3510) - An unspecified flaw exists in the WLS Core component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3586)
last seen 2019-02-21
modified 2018-11-15
plugin id 92460
published 2016-07-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=92460
title Oracle WebLogic Server Multiple Vulnerabilities (July 2016 CPU)
refmap via4
bid 91787
confirm http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
sectrack 1036373
Last major update 23-11-2016 - 14:57
Published 21-07-2016 - 06:12
Last modified 30-10-2018 - 12:27
Back to Top