NVD

Id
3140  
Name
CVE-2008-3257  
Description
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-07-22  
Modified Date
2011-03-07  
Seq
2008-3257  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
19919 3140 CVE-2008-3257 http://blogs.oracle.com/security/2008/07/security_alert_for_cve-2008-3257_released.html  View
19920 3140 CVE-2008-3257 20080717 Bea Weblogic Apache Connector BOF / Remote Denial of Service PoC  View
19921 3140 CVE-2008-3257 20080717 Bea Weblogic Apache Connector BOF / Remote Denial of Service PoC  View
19922 3140 CVE-2008-3257 VU#716387  View
19923 3140 CVE-2008-3257 6089  View
19924 3140 CVE-2008-3257 http://www.oracle.com/technology/deploy/security/alerts/alert_cve2008-3257.html  View
19925 3140 CVE-2008-3257 30273  View
19926 3140 CVE-2008-3257 1020520  View
19927 3140 CVE-2008-3257 ADV-2008-2145  View
19928 3140 CVE-2008-3257 oracle-weblogic-apacheconnector-bo(43885)  View
19929 3140 CVE-2008-3257 https://support.bea.com/application_content/product_portlets/securityadvisories/2793.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46281 JVNDB-2008-001591 Oracle Weblogic Apache connector プラグインにバッファオーバーフローの脆弱性 Oracle Weblogic (旧 BEA Weblogic) Server および Weblogic Express Applicaiton Server の Weblogic Apache connector プラグインにはバッファオーバーフローの脆弱性が存在します。 CVE-2008-3257 33370 CVE-2008-3257 3140 10 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001591.html 2008-08-01 2008-09-02 View