Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2579

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2579
Last Modified 22 Oct 2012 10:48:37
Published 15 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2579

Summary

Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.

Vulnerable Systems

Application

  • Apache Http Server

  • Microsoft Internet Information Server

  • Oracle Bea Product Suite 10.0

  • Oracle Bea Product Suite 6.1

  • Oracle Bea Product Suite 7.0

  • Oracle Bea Product Suite 8.1

  • Oracle Bea Product Suite 9.0

  • Oracle Bea Product Suite 9.1

  • Oracle Bea Product Suite 9.2

  • Oracle Weblogic Server Component 10.0

  • Oracle Weblogic Server Component 6.1

  • Oracle Weblogic Server Component 7.0

  • Oracle Weblogic Server Component 8.1

  • Oracle Weblogic Server Component 9.0

  • Oracle Weblogic Server Component 9.1

  • Oracle Weblogic Server Component 9.2

  • Sun Java System Web Server

  • Sun One Web Server


References

XF - oracle-weblogic-plugins-unauth-access(43823)

VUPEN - ADV-2008-2115

VUPEN - ADV-2008-2109

SECTRACK - 1020498

CONFIRM - http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2008.html

SECUNIA - 31113

SECUNIA - 31087

JVNDB - JVNDB-2008-000040

JVN - JVN#81667751

HP - HPSBMA02133

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html

HP - SSRT061201


Last Updated: 27 May 2016 11:01:03