CVE-2005-4758

Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown attack vectors related to an "internal servlet" accessed through HTTP.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4758
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
bea / weblogic_server	8.1	8.1.x
bea / weblogic_server	8.1-sp3	8.1-sp3.x
bea / weblogic_server	8.1-sp1	8.1-sp1.x
bea / weblogic_server	8.1-sp2	8.1-sp2.x

http://dev2dev.bea.com/pub/advisory/148
http://secunia.com/advisories/17138
http://www.securityfocus.com/bid/15052

Vulnerability Database

289,599

CVE-2005-4758