NVD

Id
70346  
Name
CVE-2005-4757  
Description
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass intended servlet protections.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2005-12-31  
Modified Date
2008-09-05  
Seq
2005-4757  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
362647 70346 CVE-2005-4757 BEA05-93.00  View
362648 70346 CVE-2005-4757 15052  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
62374 JVNDB-2005-000576 BEA 製品の URL パターンにサーブレットリソースが適切に保護されない脆弱性 ------------ CVE-2005-4757 15959 CVE-2005-4757 70346 7.5 http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000576.html 2005-10-10 2007-04-01 View