Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-1012
HistoryApr 15, 2009 - 10:30 a.m.

CVE-2009-1012

2009-04-1510:30:01
[email protected]
web.nvd.nist.gov
6

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0.013

Percentile

86.1%

JSON

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.

Affected configurations

Nvd
Node
oraclebea_product_suiteMatch7.0sp7
OR
oraclebea_product_suiteMatch8.1sp6
OR
oraclebea_product_suiteMatch9.0
OR
oraclebea_product_suiteMatch9.1
OR
oraclebea_product_suiteMatch9.2mp3
OR
oraclebea_product_suiteMatch10.0mp1
OR
oraclebea_product_suiteMatch10.3
VendorProductVersionCPE
oraclebea_product_suite7.0cpe:2.3:a:oracle:bea_product_suite:7.0:sp7:*:*:*:*:*:*
oraclebea_product_suite8.1cpe:2.3:a:oracle:bea_product_suite:8.1:sp6:*:*:*:*:*:*
oraclebea_product_suite9.0cpe:2.3:a:oracle:bea_product_suite:9.0:*:*:*:*:*:*:*
oraclebea_product_suite9.1cpe:2.3:a:oracle:bea_product_suite:9.1:*:*:*:*:*:*:*
oraclebea_product_suite9.2cpe:2.3:a:oracle:bea_product_suite:9.2:mp3:*:*:*:*:*:*
oraclebea_product_suite10.0cpe:2.3:a:oracle:bea_product_suite:10.0:mp1:*:*:*:*:*:*
oraclebea_product_suite10.3cpe:2.3:a:oracle:bea_product_suite:10.3:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
cve 2
nvd 1
openvas 1
securityvulns 1
seebug 1
oracle 1
prion
prion
Integer overflow
2009-04-15 10:30:00
cvelist
cvelist
CVE-2009-1012
2009-04-15 10:00:00
cve
cve
CVE-2009-1012
2009-04-15 10:30:01
CVE-2009-0189
2011-02-01 19:00:03
nvd
nvd
CVE-2009-0189
2011-02-01 19:00:03
openvas
openvas
Ubuntu USN-757-1 (gs-gpl)
2009-04-20 00:00:00
securityvulns
securityvulns
Oracle multiple security vulnerabilities
2009-05-18 00:00:00
seebug
seebug
Oracle 2009年4月紧急补丁更新修复多个漏洞
2009-04-16 00:00:00
oracle
oracle
cpuapr2009.html
2009-04-14 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0.013

Percentile

86.1%

JSON
Related for NVD:CVE-2009-1012
prion1cvelist1cve2nvd1openvas1securityvulns1seebug1oracle1