CyberSec.Space Logo
CVEブラウザに戻る

CVE-2001-0098

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1730%
EPSS Percentile18.67th
Published2001年2月12日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string.

Affected Platforms (CPE)

📦
Bea

Weblogic Server

<= 4.5.2

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0331.html
🔗 http://www.securityfocus.com/bid/2138
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5782
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-12/0331.html
🔗 http://www.securityfocus.com/bid/2138
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5782

関連する脆弱性情報

CVE-2003-064010.0

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite use...

CVE-2007-041710.0

BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm...

CVE-2000-068110.0

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .J...

CVE-2008-325710.0

Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and ear...