CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-0638

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1360%
EPSS Percentile33.66th
Published2016年4月21日
Last Modified2026年5月6日

Vulnerability Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service.

Affected Platforms (CPE)

📦
Oracle

Weblogic Server

= 10.3.6.0.0
📦
Oracle

Weblogic Server

= 12.1.2.0.0
📦
Oracle

Weblogic Server

= 12.1.3.0.0
📦
Oracle

Weblogic Server

= 12.2.1.0.0

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
🔗 http://www.securitytracker.com/id/1035615
🔗 https://www.tenable.com/security/research/tra-2016-09
🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
🔗 http://www.securitytracker.com/id/1035615
🔗 https://www.tenable.com/security/research/tra-2016-09

相關漏洞威脅

CVE-2001-009810.0

Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begi...

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2000-068110.0

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .J...

CVE-2003-064010.0

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite use...