1. CVE-Search
  2. CVE-2005-4751
ID CVE-2005-4751
Summary Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and WebLogic Express 9.0, 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier allow remote attackers to inject arbitrary web script or HTML and gain administrative privileges via unknown attack vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp6:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp6:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp6:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp6:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp4:express:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:9.0:*:express:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:9.0:*:express:*:*:*:*:*
CVSS
Base: 6.8 (as of 27-09-2018 - 21:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bea BEA05-80.02
bid 15052
secunia 17138
Last major update 27-09-2018 - 21:39
Published 31-12-2005 - 05:00
Last modified 27-09-2018 - 21:39
Back to Top