Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0427

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-0427
Last Modified 07 Mar 2011 09:30:01
Published 25 Jan 2006 06:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0427

Summary

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.

Vulnerable Systems

Application

  • Bea Weblogic Server 8.1

  • Bea Weblogic Server 9.0


References

SECTRACK - 1015528

SECUNIA - 18592

BEA - BEA06-114.00

XF - weblogic-servlets-obtain-information(24291)

VUPEN - ADV-2006-0313

BID - 16358

OSVDB - 22774


Last Updated: 27 May 2016 10:41:38