github - ghsa-qw6f-47p6-c25p

ghsa-qw6f-47p6-c25p

Vulnerability from github

Published

2022-05-17 05:20

Modified

2022-05-17 05:20

Details

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is cross-site scripting.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-5461"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-01-14T02:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS.  NOTE: the previous information was obtained from the January 2009 CPU.  Oracle has not commented on reliable researcher claims that this issue is cross-site scripting.",
  "id": "GHSA-qw6f-47p6-c25p",
  "modified": "2022-05-17T05:20:16Z",
  "published": "2022-05-17T05:20:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5461"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN93431860/index.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33526"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33177"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021571"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0115"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2008-5461

Vulnerability from cvelistv5

Published

2009-01-14 02:00

Modified

2024-08-07 10:56

Severity

Summary

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is cross-site scripting.

References

URL	Tags
http://secunia.com/advisories/33526	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/0115	vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1021571	vdb-entry, x_refsource_SECTRACK
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html	x_refsource_CONFIRM
http://www.securityfocus.com/bid/33177	vdb-entry, x_refsource_BID
http://jvn.jp/en/jp/JVN93431860/index.html	third-party-advisory, x_refsource_JVN

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:56:46.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33526",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33526"
          },
          {
            "name": "ADV-2009-0115",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0115"
          },
          {
            "name": "1021571",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021571"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
          },
          {
            "name": "33177",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33177"
          },
          {
            "name": "JVN#93431860",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN93431860/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS.  NOTE: the previous information was obtained from the January 2009 CPU.  Oracle has not commented on reliable researcher claims that this issue is cross-site scripting."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-01-23T10:00:00",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "33526",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33526"
        },
        {
          "name": "ADV-2009-0115",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0115"
        },
        {
          "name": "1021571",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021571"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
        },
        {
          "name": "33177",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33177"
        },
        {
          "name": "JVN#93431860",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN93431860/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2008-5461",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS.  NOTE: the previous information was obtained from the January 2009 CPU.  Oracle has not commented on reliable researcher claims that this issue is cross-site scripting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33526",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33526"
            },
            {
              "name": "ADV-2009-0115",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0115"
            },
            {
              "name": "1021571",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021571"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
            },
            {
              "name": "33177",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33177"
            },
            {
              "name": "JVN#93431860",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN93431860/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2008-5461",
    "datePublished": "2009-01-14T02:00:00",
    "dateReserved": "2008-12-11T00:00:00",
    "dateUpdated": "2024-08-07T10:56:46.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.