CVE-2008-2578 - Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2

CVE-2008-2578

Summary

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors.

References

Vulnerable Configurations

cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack1:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:10.0:-:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:S/C:P/I:P/A:P

refmap via4

confirm	http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
hp	HPSBMA02133 SSRT061201
sectrack	1020498
secunia	31087 31113
vupen	ADV-2008-2109 ADV-2008-2115
xf	oracle-weblogic-log-priv-escalation(43827)

Last major update

12-09-2022 - 14:05

Published

15-07-2008 - 23:41

Last modified

12-09-2022 - 14:05