Vulnerability Details CVE-2005-4749
HTTP request smuggling vulnerability in BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier allows remote attackers to inject arbitrary HTTP headers via unspecified attack vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://dev2dev.bea.com/pub/advisory/159
- http://dev2dev.bea.com/pub/advisory/177
- http://secunia.com/advisories/17138
- http://www.securityfocus.com/bid/15052
- http://www.securityfocus.com/bid/17163
- http://dev2dev.bea.com/pub/advisory/159
- http://dev2dev.bea.com/pub/advisory/177
- http://secunia.com/advisories/17138
- http://www.securityfocus.com/bid/15052
- http://www.securityfocus.com/bid/17163
Products affected by CVE-2005-4749
-
cpe:2.3:a:bea:weblogic_server:6.1
-
cpe:2.3:a:bea:weblogic_server:7.0
-
cpe:2.3:a:bea:weblogic_server:8.1