CVE-2009-1002

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.

Published: Apr 15, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1002
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / bea_product_suite	9.1	9.1.x
oracle / bea_product_suite	8.1-sp6	8.1-sp6.x
oracle / bea_product_suite	10.0-mp1	10.0-mp1.x
oracle / bea_product_suite	7.0-sp7	7.0-sp7.x
oracle / bea_product_suite	9.0	9.0.x
oracle / bea_product_suite	10.3	10.3.x
oracle / bea_product_suite	9.2-mp3	9.2-mp3.x

http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html
http://www.oracle.com/technology/deploy/security/wls-security/1002.html
http://www.securityfocus.com/bid/34461
http://www.securitytracker.com/id?1022059
http://www.us-cert.gov/cas/techalerts/TA09-105A.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/50052

Vulnerability Database

289,697

CVE-2009-1002