Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0682

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0682
Last Modified 05 Sep 2008 04:21:37
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0682

Summary

BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.

Vulnerable Systems

Application

  • Bea Weblogic Server 5.1


References

BID - 1518

BUGTRAQ - 20000728 BEA's WebLogic force handlers show code vulnerability

OSVDB - 1481

CONFIRM - http://developer.bea.com/alerts/security_000731.html


Last Updated: 27 May 2016 10:35:49