Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4613

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-4613
Last Modified 13 Nov 2008 01:46:26
Published 30 Aug 2007 08:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4613

Summary

SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a different vulnerability than CVE-2006-2461.

Vulnerable Systems

Application

  • Bea Weblogic Server 6.1

  • Bea Weblogic Server 7.0

  • Bea Weblogic Server 8.1


References

BID - 22082

BEA - BEA07-134.00

OSVDB - 45838


Last Updated: 27 May 2016 10:45:54