Vulnerability Details CVE-2007-0420
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://dev2dev.bea.com/pub/advisory/214
- http://osvdb.org/38514
- http://secunia.com/advisories/23750
- http://securitytracker.com/id?1017525
- http://www.securityfocus.com/bid/22082
- http://www.vupen.com/english/advisories/2007/0213
- http://dev2dev.bea.com/pub/advisory/214
- http://osvdb.org/38514
- http://secunia.com/advisories/23750
- http://securitytracker.com/id?1017525
- http://www.securityfocus.com/bid/22082
- http://www.vupen.com/english/advisories/2007/0213
Products affected by CVE-2007-0420
-
cpe:2.3:a:bea:weblogic_server:9.0
-
cpe:2.3:a:bea:weblogic_server:9.1
-
cpe:2.3:a:bea:weblogic_server:9.2