CVE-2005-4759

BEA WebLogic Server & WebLogic Express <8.1,7.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Application pages.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15052
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17138
Patch, Vendor Advisory vendor-advisory x_refsource_bea
http://dev2dev.bea.com/pub/advisory/149

Scores

EPSS 0.0052
EPSS Percentile 67.0%

Details

Status published
Products (2)
bea/weblogic_server 7.0 (2 CPE variants)
bea/weblogic_server 8.1 (2 CPE variants)
Published Dec 31, 2005
Tracked Since Feb 18, 2026