CVE-2006-1352 — Weblogic Server vulnerability
3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.0%
top 23.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 22
Latest updateMay 1
Description
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9