ID CVE-2016-3499
Summary Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0 and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.
References
Vulnerable Configurations
  • Oracle Weblogic Server 12.1.3.0.0
    cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0
  • Oracle Weblogic Server 12.2.1.0.0
    cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0
CVSS
Base: 10.0 (as of 16-08-2016 - 10:50)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Misc.
NASL id ORACLE_WEBLOGIC_SERVER_CPU_JUL_2016.NASL
description The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2016-3445) - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3499) - A remote code execution vulnerability exists in the WLS Core component due to unsafe deserialize calls to the weblogic.corba.utils.MarshallObject object. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary code. (CVE-2016-3510) - An unspecified flaw exists in the WLS Core component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3586)
last seen 2019-02-21
modified 2018-11-15
plugin id 92460
published 2016-07-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=92460
title Oracle WebLogic Server Multiple Vulnerabilities (July 2016 CPU)
refmap via4
bid
  • 91787
  • 92019
confirm http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
sectrack 1036373
Last major update 28-11-2016 - 15:10
Published 21-07-2016 - 06:12
Last modified 30-10-2018 - 12:27
Back to Top