PT-2007-1881 · Oracle · Bea Weblogic

Published

2007-01-23

Updated

2018-10-17

CVE-2007-0410

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions BEA WebLogic versions 7.0 through 7.0 SP6 BEA WebLogic versions 8.1 through 8.1 SP5 BEA WebLogic versions 9.0 BEA WebLogic versions 9.1

Description The issue is related to thread management in BEA WebLogic when T3 authentication is used, allowing remote attackers to cause a denial of service, resulting in thread and system hang via unspecified sequences of events.

Recommendations For BEA WebLogic versions 7.0 through 7.0 SP6, update to a version that addresses the thread management issue. For BEA WebLogic versions 8.1 through 8.1 SP5, update to a version that addresses the thread management issue. For BEA WebLogic versions 9.0, update to a version that addresses the thread management issue. For BEA WebLogic versions 9.1, update to a version that addresses the thread management issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0410

Affected Products

Bea Weblogic

PT-2007-1881 · Oracle · Bea Weblogic

CVE-2007-0410

Related Identifiers

Affected Products

References · 8