Remote Code Execution Vulnerability in WebLogic Server by BEA Systems
CVE-2009-1975

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 14 July 2009

Summary

An unspecified vulnerability exists in the WebLogic Server component of the BEA Product Suite 10.3 which may allow remote attackers to compromise confidentiality, integrity, and availability. This security issue is particularly related to the WLS Console Package, escalating the risk of unauthorized access and control over affected systems.

References

http://secunia.com/advisories/35776

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/35673

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2009/1900

vdb-entryx_refsource_VUPEN

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 14, 2009
Vulnerability Reserved
Jun 8, 2009