Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA WebLogic Server/Express远程拒绝服务和信息泄露漏洞
Vulnerability Description
BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA Systems WebLogic Server和Express包含多个问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击者或者获得敏感信息。 具体问题如下: 1、通过WebLogic Server插件发送不正确格式URL给WEbLogic Server或Express,不正确的URL会导致代理插件崩溃,使得WEB站点不能访问。如果不使用WebLogic服务代理插件的站点不受
CVSS Information
N/A
Vulnerability Type
N/A