CVE-2009-1002

5 documents5 sources
Severity
5.8MEDIUM
EPSS
0.9%
top 24.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle BEA Product Suite
Timeline
PublishedApr 15
Latest updateMay 2

Description

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDoracle/bea_product_suite7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-qwf3-mcpp-79x7: Unspecified vulnerability in Oracle BEA WebLogic Server 102022-05-02
CVEList
CVE-2009-1002: Unspecified vulnerability in Oracle BEA WebLogic Server 102009-04-15

💥Exploits & PoCs

1
Exploit-DB
Sun xVM VirtualBox 2.0/2.1 - Local Privilege Escalation2009-03-10

💬Community

1
Bugzilla
CVE-2008-2384 mod_auth_mysql: character encoding SQL injection flaw2009-01-15
CVE-2009-1002 (MEDIUM CVSS 5.8) | Unspecified vulnerability in Oracle | cvebase.io