Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2461

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2461
Last Modified 07 Mar 2011 09:36:14
Published 19 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2461

Summary

BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.

Vulnerable Systems

Application

  • Bea Weblogic Server 8.1


References

SECTRACK - 1016102

SECUNIA - 20130

BEA - BEA06-132.00

VUPEN - ADV-2006-1828

XF - weblogic-transaction-channel-insecure(26459)


Last Updated: 27 May 2016 10:42:28