ID CVE-2007-0410
Summary Unspecified vulnerability in the thread management in BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote attackers to cause a denial of service (thread and system hang) via unspecified "sequences of events."
References
Vulnerable Configurations
  • cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 17-10-2018 - 19:03)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bea BEA07-137.00
bid 22082
osvdb 38502
sectrack 1017525
secunia 23750
vupen ADV-2007-0213
Last major update 17-10-2018 - 19:03
Published 23-01-2007 - 00:28
Last modified 17-10-2018 - 19:03
Back to Top