Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1002

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2009-1002
Last Modified 22 Oct 2012 11:04:30
Published 15 Apr 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1002

Summary

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.

Vulnerable Systems

Application

  • Oracle Bea Product Suite 10.0

  • Oracle Bea Product Suite 10.3

  • Oracle Bea Product Suite 7.0

  • Oracle Bea Product Suite 8.1

  • Oracle Bea Product Suite 9.0

  • Oracle Bea Product Suite 9.1

  • Oracle Bea Product Suite 9.2


References

CERT - TA09-105A

CONFIRM - http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html

XF - oracle-weblogic-wls-priv-escalation2(50052)

SECTRACK - 1022059

BID - 34461

CONFIRM - http://www.oracle.com/technology/deploy/security/wls-security/1002.html

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html


Last Updated: 27 May 2016 11:01:07