CVE-2007-6384

BEA WebLogic Mobility Server <3.6 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors.

References (6)

[Vendor Advisory] http://dev2dev.bea.com/pub/advisory/255

[Patch, Vendor Advisory] http://secunia.com/advisories/28078

[Patch] http://www.securitytracker.com/id?1019091

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39005

[Third Party Advisory, VDB Entry] http://osvdb.org/41880

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/4204

Scores

EPSS 0.0094

EPSS Percentile 76.0%

Classification

CWE

CWE-287

Status draft

Affected Products (4)

bea/weblogic_mobility_server

Timeline

Published Dec 15, 2007

Tracked Since Feb 18, 2026