CVE-2007-2705
BEA WebLogic Integration 9.2 and WebLogic Workshop 8.1 SP2-SP6 - Directory Traversal in Test View Console
Title source: llmDescription
Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018059
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/36063
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1815
Patch, Vendor Advisory vendor-advisory
x_refsource_bea
http://dev2dev.bea.com/pub/advisory/239
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34281
Scores
EPSS
0.0057
EPSS Percentile
69.0%
Details
Status
published
Products (2)
bea/weblogic_integration
9.2
bea/weblogic_workshop
8.1 sp2 (5 CPE variants)
Published
May 16, 2007
Tracked Since
Feb 18, 2026