CVE-2007-0418
published 2007-01-23CVE-2007-0418: BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that…
PriorityP431high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.61%
72.9th percentile
BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bea | weblogic_server | <= 7.0 | — |
| bea | weblogic_server | <= 8.1 | — |
| bea | weblogic_server | — | — |
| bea | weblogic_server | — | — |
| bea | weblogic_server | — | — |
| bea | weblogic_server | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat1.2LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cfjf-g325-9j7g: BEA WebLogic Server 7
ghsa_unreviewed·2022-05-01
CVE-2007-0418 [HIGH] GHSA-cfjf-g325-9j7g: BEA WebLogic Server 7
BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods.
Red Hat
security flaw
vendor_redhat·2005-08-02·CVSS 1.2
CVE-2005-2475 [LOW] security flaw
security flaw
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
Statement: This issue was addressed in unzip packages as shipped with Red Hat Enterprise Linux 3 and 4 via RHBA-2007:0418 and RHSA-2007:0203 respectively.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-2475 security flaw
bugzilla·2018-08-16·CVSS 1.2
CVE-2005-2475 [LOW] CVE-2005-2475 security flaw
CVE-2005-2475 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
---
Statement:
This issue was addressed in unzip packages as shipped with Red Hat Enterprise Linux 3 and 4 via RHBA-2007:0418 and RHSA-2007:0203 respectively.
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Bugzilla
CVE-2005-2475 TOCTOU issue in unzip
bugzilla·2007-02-01·CVSS 1.2
CVE-2005-2475 [LOW] CVE-2005-2475 TOCTOU issue in unzip
CVE-2005-2475 TOCTOU issue in unzip
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHBA-2007-0418.html
Bugzilla
CVE-2005-4667 unzip long filename buffer overflow
bugzilla·2006-03-24·CVSS 3.7
CVE-2005-4667 [LOW] CVE-2005-4667 unzip long filename buffer overflow
CVE-2005-4667 unzip long filename buffer overflow
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHBA-2007-0418.html
Discussion:
Call which can be closed. Errata RHBA-2007:0418-2 delivers
unzip-5.50-35.EL3.i386.rpm
Internal Status set to 'Resolved'
Status set to: Closed by Client
This event sent from IssueTracker by yves.begrand
issue 88545
http://dev2dev.bea.com/pub/advisory/212http://osvdb.org/38512http://secunia.com/advisories/23750http://securitytracker.com/id?1017525http://www.securityfocus.com/bid/22082http://www.vupen.com/english/advisories/2007/0213http://dev2dev.bea.com/pub/advisory/212http://osvdb.org/38512http://secunia.com/advisories/23750http://securitytracker.com/id?1017525http://www.securityfocus.com/bid/22082http://www.vupen.com/english/advisories/2007/0213
2007-01-23
Published