Oracle WebLogic Server Encoded URL Remote Vulnerability Network Vulnerability

Summary

Oracle WebLogic Server is prone to a remote vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. For an exploit to succeed, the attacker must have 'Plugins for Apache, Sun and IIS web servers' privileges. This vulnerability affects the following supported versions: 7. SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, 10.3.3

Solution

Vendor updates are available. Please contact the vendor for more information.

References

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html
http://www.vsecurity.com/resources/advisory/20100713-1/
https://www.securityfocus.com/bid/41620

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2375

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N

Related Vulnerabilities

2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
aeNovo Database Content Disclosure Vulnerability
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
AdaptCMS 'init.php' Remote File Include Vulnerability

Take action and discover your vulnerabilities