BEA WebLogic Server 5.x

Blog

Vulnerability Report: BEA WebLogic Server 5.x

This vulnerability report for BEA WebLogic Server 5.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in BEA WebLogic Server 5.x then you are more than welcome to contact us.

1. Product Summary Only

2. Secunia Advisory Statistics (All time)

2.1. Statistics for 2013

2.2. Statistics for 2012

2.3. Statistics for 2011

2.4. Statistics for 2010

2.5. Statistics for 2009

2.6. Statistics for 2008

2.7. Statistics for 2007

2.8. Statistics for 2006

2.9. Statistics for 2005

2.10. Statistics for 2004

2.11. Statistics for 2003

3. List of Secunia Advisories (All time)

3.1. List for 2013

3.2. List for 2012

3.3. List for 2011

3.4. List for 2010

3.5. List for 2009

3.6. List for 2008

3.7. List for 2007

3.8. List for 2006

3.9. List for 2005

3.10. List for 2004

3.11. List for 2003

4. Send Feedback

Vendor, Links, and Unpatched Vulnerabilities

Vendor	BEA

Product Link	View Here (Link to external site)

Affected By	7 Secunia advisories 1 Vulnerabilities

Monitor Product	Receive alerts for this product

Unpatched	0% (0 of 7 Secunia advisories)

Most Critical Unpatched There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied..

7 Secunia Advisories in 2003-2013

Secunia has issued a total of 7 Secunia advisories in 2003-2013 for BEA WebLogic Server 5.x. Currently, 0% (0 out of 7) are marked as unpatched.

More information about the specific Secunia advisories affecting BEA WebLogic Server 5.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.

BEA WebLogic HTTP TRACE Response Cross-Site Scripting Issue
Vendor Patch. Secunia Advisory 1 of 2 in 2004. 14,078 views.

Release Date:
2004-01-27

Secunia Advisory ID:
SA10726

Solution Status:
Vendor Patch

Criticality:

Impact:
Cross Site Scripting

Where:
From remote

Short Description:
BEA has confirmed a problem in WebLogic Server and Express, which potentially can be exploited to conduct cross-site scripting attacks against users. [Read More]

BEA WebLogic JVM Denial of Service Vulnerability
Vendor Patch. Secunia Advisory 2 of 2 in 2004. 10,181 views.

Release Date:
2004-01-13

Secunia Advisory ID:
SA10607

Solution Status:
Vendor Patch

Criticality:

Impact:
DoS

Where:
From remote

Short Description:
BEA has issued an advisory regarding a vulnerability in JVM, which can be exploited to crash BEA WebLogic Server and Express. [Read More]

BEA WebLogic Cross Site Scripting Vulnerability
Vendor Patch. Secunia Advisory 1 of 4 in 2003. 10,516 views.

Release Date:
2003-08-07

Secunia Advisory ID:
SA9466

Solution Status:
Vendor Patch

Criticality:

Impact:
Cross Site Scripting

Where:
From remote

Short Description:
A vulnerability has been identified in WebLogic possibly allowing malicious people to conduct Cross Site Scripting attacks. [Read More]

BEA WebLogic Certificate Chain Validation Vulnerability
Vendor Patch. Secunia Advisory 2 of 4 in 2003. 11,834 views.

Release Date:
2003-05-14

Secunia Advisory ID:
SA8778

Solution Status:
Vendor Patch

Criticality:

Impact:
Spoofing

Where:
From remote

Short Description:
A vulnerability has been identified in BEA WebLogic and BEA Tuxedo allowing malicious people to spoof an identity. This vulnerability is similar to the certificate chain vulnerability found in Microsoft Windows and other products last year. [Read More]

Bea WebLogic session sharing
Vendor Patch. Secunia Advisory 3 of 4 in 2003. 10,471 views.

Release Date:
2003-01-29

Secunia Advisory ID:
SA7970

Solution Status:
Vendor Patch

Criticality:

Impact:
Exposure of sensitive information

Where:
From remote

Short Description:
WebLogic does in some cases give two users the same session. The problem occurs uses in-memory session replication or replicated stateful session beans. [Read More]

WebLogic Denial of Service
Vendor Patch. Secunia Advisory 4 of 4 in 2003. 6,793 views.

Release Date:
2003-01-29

Secunia Advisory ID:
SA7971

Solution Status:
Vendor Patch

Criticality:

Impact:
DoS

Where:
From remote

Short Description:
WebLogic can be crashed by issuing specific HTTP requests. [Read More]

WebLogic vulnerable to a Denial of Service
Vendor Patch. Secunia Advisory 1 of 1 in 2002. 6,641 views.

Release Date:
2002-12-12

Secunia Advisory ID:
SA7700

Solution Status:
Vendor Patch

Criticality:

Impact:
DoS

Where:
From remote

Short Description:
WebLogics XML parser handles DTD references to entities incorrectly, this can be abused by sending XML documents to applications. This does not affect the WebLogic Server directly as it does not parse DTDs, but applications based on WebLogic may suffer from this. [Read More]

Discuss this Product

A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.

Subject: BEA WebLogic Server 5.x

No posts yet

Vulnerability Report: BEA WebLogic Server 5.x

Table of Contents

Vendor, Links, and Unpatched Vulnerabilities

7 Secunia Advisories in 2003-2013

Discuss this Product

You must be logged in to post a comment.

Vulnerability Report: BEA WebLogic Server 5.x

Table of Contents

Vendor, Links, and Unpatched Vulnerabilities

7 Secunia Advisories in 2003-2013

Discuss this Product

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?