Vulnerability in Bea Weblogic_server
CVE-2005-1746
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (c…
EPSS: 0.026 (83.6th percentile) — read the EPSS interpretation.
Affected products
- Bea Weblogic_server — versions 6.0, 6.1, 7.0
- Oracle Weblogic_portal — versions 8.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vendor-advisory, x_refsource_BEA, Vendor Advisory)