Vendor Bea

Affected Products (16): AquaLogic Interaction (2), AquaLogic Service Bus (1), Aqualogic Service Bus (2), BEA WebLogic Portal (1), JRockit (1), Plumtree Collaboration (1), Plumtree Foundation (1), Tuxedo (6), WebLogic (71), WebLogic Mobility Server (1), WebLogic Portal (23), WebLogic Server (124), WebLogic Workshop (3), Weblogic (1), Weblogic Integration (1), Weblogic Workshop (1)

Link to Vendor Website: https://www.oracle.com/corporate/acquisitions/bea/

PublishedBaseTempVulnerabilityProdExpRemCTICVE
07/22/200810.010.0BEA WebLogic Server mod_wl .jsp memory corruptionApplication Server SoftwareHighNot Defined0.05CVE-2008-3257
02/22/20085.34.8BEA WebLogic Server denial of serviceApplication Server SoftwareProof-of-ConceptOfficial Fix0.00CVE-2008-0903
02/22/20084.34.1BEA WebLogic Server cross site scriptingApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0902
02/22/20087.57.1BEA WebLogic Server credentials managementApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0901
02/22/20086.36.0BEA WebLogic Server access controlApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0900
02/22/20084.34.1BEA WebLogic Server Administration Console cross site scriptingApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0899
02/22/20086.56.2BEA WebLogic Server Access Restriction access controlApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0898
02/22/20088.17.7BEA WebLogic Server Access Restriction access controlApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0897
02/22/20085.44.9BEA WebLogic Portal Access Restriction access controlApplication Server SoftwareProof-of-ConceptOfficial Fix0.00CVE-2008-0896
02/22/20086.56.2BEA WebLogic Server improper authenticationApplication Server SoftwareProof-of-ConceptNot Defined0.07CVE-2008-0895
02/20/20087.36.9BEA WebLogic Portal Administration Console link followingApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0870
02/20/20084.33.9BEA WebLogic Workshop UI Framework cross site scriptingApplication Server SoftwareProof-of-ConceptOfficial Fix0.00CVE-2008-0869
02/20/20084.33.9BEA WebLogic Portal cross site scriptingApplication Server SoftwareProof-of-ConceptOfficial Fix0.00CVE-2008-0868
02/20/20084.33.9BEA Plumtree Foundation cross site scriptingUnknownProof-of-ConceptOfficial Fix0.00CVE-2008-0867
02/20/20084.34.1BEA WebLogic Workshop cross site scriptingApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0866
02/20/20085.35.0BEA WebLogic Portal access controlApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0865
02/20/20085.35.0BEA WebLogic Portal Access Restriction access controlApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0864
02/20/20085.35.0BEA WebLogic Server information disclosureApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2008-0863
02/19/20087.56.7BEA Plumtree Collaboration information disclosureGroupware SoftwareProof-of-ConceptOfficial Fix0.00CVE-2008-0904
12/12/20077.36.9BEA WebLogic Mobility Server improper authenticationApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2007-6384
12/01/20075.35.0BEA AquaLogic Interaction information disclosureUnknownProof-of-ConceptNot Defined0.00CVE-2007-6198
12/01/20075.35.0BEA AquaLogic Interaction information disclosureUnknownProof-of-ConceptNot Defined0.00CVE-2007-6197
08/30/20076.56.2BEA WebLogic Server information disclosureApplication Server SoftwareHighOfficial Fix0.00CVE-2007-4616
08/30/20076.56.2BEA WebLogic Server unknown vulnerabilityApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2007-4615
08/28/20077.56.5BEA WebLogic Server denial of serviceApplication Server SoftwareProof-of-ConceptNot Defined0.00CVE-2007-4618

Want to stay up to date on a daily basis?

Enable the mail alert feature now!