CVE Vulnerabilities

CVE-2005-4763

Published: Dec 31, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier, when Internet Inter-ORB Protocol (IIOP) is used, sometimes include a password in an exception message that is sent to a client or stored in a log file, which might allow remote attackers to perform unauthorized actions.

Affected Software

Name Vendor Start Version End Version
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 8.1 8.1
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 6.1 6.1
Weblogic_server Bea 7.0 7.0
Weblogic_server Bea 6.1 6.1

References