The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Bea Systems WebLogic Server

computer vulnerability alert CVE-2007-2694 CVE-2007-2695 CVE-2007-2696

WebLogic, Tuxedo: several vulnerabilities

Synthesis of the vulnerability

An attacker can exploit several vulnerabilities of WebLogic Server/Express and Tuxedo.
Impacted products: Tuxedo, WebLogic.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 15/05/2007.
Revision date: 29/05/2019.
Identifiers: BEA05-80.02, BEA07-158.00, BEA07-159.00, BEA07-160.00, BEA07-161.00, BEA07-162.00, BEA07-163.00, BEA07-164.00, BEA07-164.01, BEA07-165.00, BEA07-168.00, BEA07-169.00, BEA07-80.03, BEA08-159.01, BEA08-80.04, BID-23979, CVE-2007-2694, CVE-2007-2695, CVE-2007-2696, CVE-2007-2697, CVE-2007-2698, CVE-2007-2699, CVE-2007-2700, CVE-2007-2701, CVE-2007-2704, CVE-2007-2705, CVE-2008-0902, VIGILANCE-VUL-6816.

Description of the vulnerability

An attacker can exploit several vulnerabilities of WebLogic Server/Express and Tuxedo.

Several Cross Site Scripting vulnerabilities can be exploited. [severity:3/4; BEA05-80.02, BEA07-80.03, BEA08-80.04, CVE-2007-2694, CVE-2008-0902]

The cnsbind, cnsunbind and cnsls commands of Tuxedo can display sensitive information. [severity:3/4; BEA07-158.00]

Some queries via WebLogic HttpClusterServlet ou HttpProxyServlet, configured with the SecureProxy parameter, can be executed with elevated privileges. [severity:3/4; BEA07-159.00, BEA08-159.01, CVE-2007-2695]

The JMS backend does not perform security access checks. [severity:3/4; BEA07-160.00, CVE-2007-2696]

The LDAP server does not limit the connection trial number. [severity:3/4; BEA07-161.00, CVE-2007-2697]

The administration console can display some sensitive attributes in clear text. [severity:3/4; BEA07-162.00, CVE-2007-2698]

The WLSR script generated from configToScript contains a clear text password. [severity:3/4; BEA07-163.00, CVE-2007-2700]

All Deployers can deploy an application even if Domain Security Policies restricts this. [severity:3/4; BEA07-164.00, BEA07-164.01, CVE-2007-2699]

A WebLogic JMS Bridge can transfer a message to a protected queue. [severity:3/4; BEA07-165.00, CVE-2007-2701]

An attacker can generate a denial of service by connecting to a SSL port in a half-closed state. [severity:3/4; BEA07-168.00, CVE-2007-2704]

RSA signatures are incorrectly verified when exponent is 3 (VIGILANCE-VUL-6140). [severity:3/4; BEA07-169.00, CVE-2007-2705]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-12086

jackson-databind: file reading

Synthesis of the vulnerability

An attacker can read a file from a client using jackson-databind, in order to obtain sensitive information.
Impacted products: Debian, Oracle Communications, WebLogic.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet server.
Creation date: 21/05/2019.
Identifiers: 5048, cpujul2019, CVE-2019-12086, DLA-1798-1, DSA-4452-1, VIGILANCE-VUL-29375.

Description of the vulnerability

An attacker can read a file from a client using jackson-databind, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-2587 CVE-2018-2628 CVE-2018-2739

Oracle Fusion Middleware: vulnerabilities of April 2018

Synthesis of the vulnerability

Several vulnerabilities were announced in Oracle products.
Impacted products: Oracle Fusion Middleware, Tuxedo, WebLogic.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 10.
Creation date: 18/04/2018.
Revision date: 19/04/2019.
Identifiers: cpuapr2018, CVE-2018-2587, CVE-2018-2628, CVE-2018-2739, CVE-2018-2760, CVE-2018-2765, CVE-2018-2770, CVE-2018-2791, CVE-2018-2828, CVE-2018-2834, CVE-2018-2879, VIGILANCE-VUL-25897.

Description of the vulnerability

Several vulnerabilities were announced in Oracle products.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-11358

jQuery Core: privilege escalation via Object.prototype Pollution

Synthesis of the vulnerability

An attacker can bypass restrictions via Object.prototype Pollution of jQuery Core, in order to escalate his privileges.
Impacted products: Debian, Drupal Core, eZ Platform, Fedora, jQuery Core, openSUSE Leap, Oracle Communications, WebLogic, RabbitMQ, Red Hat SSO, SLES, Synology DSM, Telerik.Web.UI.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: document.
Creation date: 11/04/2019.
Identifiers: cpujul2019, CVE-2019-11358, DLA-1797-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4460-1, EZSA-2019-005, FEDORA-2019-2a0ce0c58c, FEDORA-2019-a06dffab1c, FEDORA-2019-f563e66380, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, Synology-SA-19:19, VIGILANCE-VUL-29030.

Description of the vulnerability

An attacker can bypass restrictions via Object.prototype Pollution of jQuery Core, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-11307

jackson-databind: information disclosure via Default Typing

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Default Typing of jackson-databind, in order to obtain sensitive information.
Impacted products: Debian, Oracle Communications, WebLogic, RHEL, JBoss EAP by Red Hat, Red Hat SSO.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 04/03/2019.
Identifiers: cpujan2019, cpujul2019, CVE-2018-11307, DLA-1703-1, DSA-4452-1, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28642.

Description of the vulnerability

An attacker can bypass access restrictions to data via Default Typing of jackson-databind, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-1559

OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information.
Impacted products: SDS, SES, SNS, Blue Coat CAS, Debian, AIX, IBM i, Rational ClearCase, Tivoli Storage Manager, Juniper EX-Series, Juniper J-Series, Junos OS, SRX-Series, MariaDB ~ precise, McAfee Web Gateway, MySQL Community, MySQL Enterprise, Nodejs Core, OpenSSL, openSUSE Leap, Oracle Fusion Middleware, Oracle Identity Management, Solaris, WebLogic, Percona Server, RHEL, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Nessus, Ubuntu, WinSCP.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 26/02/2019.
Identifiers: bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujul2019, CVE-2019-1559, DLA-1701-1, DSA-4400-1, ibm10876638, ibm10886237, ibm10886659, JSA10949, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600.

Description of the vulnerability

An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-14720

jackson-databind: external XML entity injection via JDK Classes

Synthesis of the vulnerability

An attacker can transmit malicious XML data via JDK Classes to jackson-databind, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Debian, Fedora, Oracle Communications, Oracle Fusion Middleware, Tuxedo, WebLogic, RHEL, JBoss EAP by Red Hat, Red Hat SSO.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 19/02/2019.
Identifiers: 5048, cpuapr2019, cpujan2019, CVE-2018-14720, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28548.

Description of the vulnerability

An attacker can transmit malicious XML data via JDK Classes to jackson-databind, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-14721

jackson-databind: information disclosure via axis2-jaxws SSRF

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via axis2-jaxws SSRF of jackson-databind, in order to obtain sensitive information.
Impacted products: Debian, Fedora, Oracle Communications, Oracle Fusion Middleware, Tuxedo, WebLogic, RHEL, JBoss EAP by Red Hat, Red Hat SSO.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 19/02/2019.
Identifiers: 5048, cpuapr2019, cpujan2019, CVE-2018-14721, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28547.

Description of the vulnerability

An attacker can bypass access restrictions to data via axis2-jaxws SSRF of jackson-databind, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-3823

libcurl: out-of-bounds memory reading via SMTP End-of-Response

Synthesis of the vulnerability

An attacker can force a read at an invalid address via SMTP End-of-Response of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: curl, Debian, Fedora, MariaDB ~ precise, MySQL Community, MySQL Enterprise, openSUSE Leap, Oracle Communications, Oracle Fusion Middleware, Solaris, Tuxedo, WebLogic, Percona Server, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 06/02/2019.
Identifiers: bulletinjan2019, cpuapr2019, cpujul2019, CVE-2019-3823, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, SSA:2019-037-01, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28445.

Description of the vulnerability

An attacker can force a read at an invalid address via SMTP End-of-Response of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-16890

libcurl: out-of-bounds memory reading via NTLM Type-2

Synthesis of the vulnerability

An attacker can force a read at an invalid address via NTLM Type-2 of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: SDS, SES, SNS, curl, Debian, Fedora, MariaDB ~ precise, MySQL Community, MySQL Enterprise, openSUSE Leap, Oracle Communications, Oracle Fusion Middleware, Solaris, Tuxedo, WebLogic, Percona Server, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 06/02/2019.
Identifiers: bulletinjan2019, cpuapr2019, cpujul2019, CVE-2018-16890, DLA-1672-1, DSA-4386-1, FEDORA-2019-43489941ff, openSUSE-SU-2019:0173-1, openSUSE-SU-2019:0174-1, SSA:2019-037-01, STORM-2019-002, SUSE-SU-2019:0248-1, SUSE-SU-2019:0249-1, SUSE-SU-2019:0249-2, SUSE-SU-2019:0339-1, USN-3882-1, VIGILANCE-VUL-28443.

Description of the vulnerability

An attacker can force a read at an invalid address via NTLM Type-2 of libcurl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Bea Systems WebLogic Server: