CVE-2007-2705

Sažetak

Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.

Reference

http://dev2dev.bea.com/pub/advisory/239
http://osvdb.org/36063
http://www.securitytracker.com/id?1018059
http://www.vupen.com/english/advisories/2007/1815
https://exchange.xforce.ibmcloud.com/vulnerabilities/34281

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

29-07-2017 - 01:31

Objavljeno

16-05-2007 - 01:19