Remote Code Execution Risk in WebLogic Server by BEA Systems
CVE-2009-3399

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 22 October 2009

Summary

A vulnerability in the WebLogic Server component of BEA Product Suite versions 7.0.6 and 8.1.5 allows remote attackers to potentially compromise the integrity of the server, specifically related to the WebLogic Server Console. Exploiting this vulnerability may enable unauthorized access and manipulation of sensitive data or system functionality.

References

http://www.securitytracker.com/id?1023062

vdb-entryx_refsource_SECTRACK

http://www.us-cert.gov/cas/techalerts/TA09-294A.html

third-party-advisoryx_refsource_CERT

http://www.oracle.com/technetwork/topics/security/cpuoct2...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 22, 2009
Vulnerability Reserved
Sep 25, 2009