CyberSec.Space Logo
Back to CVE Browser

CVE-2016-0638

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1360%
EPSS Percentile33.66th
PublishedApr 21, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service.

Affected Platforms (CPE)

πŸ“¦
Oracle

Weblogic Server

= 10.3.6.0.0
πŸ“¦
Oracle

Weblogic Server

= 12.1.2.0.0
πŸ“¦
Oracle

Weblogic Server

= 12.1.3.0.0
πŸ“¦
Oracle

Weblogic Server

= 12.2.1.0.0

References & Advisories

πŸ”— http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
πŸ”— http://www.securitytracker.com/id/1035615
πŸ”— https://www.tenable.com/security/research/tra-2016-09
πŸ”— http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
πŸ”— http://www.securitytracker.com/id/1035615
πŸ”— https://www.tenable.com/security/research/tra-2016-09

Related Vulnerabilities

CVE-2001-009810.0

Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begi...

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2000-068110.0

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .J...

CVE-2003-064010.0

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite use...