CVE-2004-0652 Information

Description

BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4 and 8.1 through 8.1 Service Pack 2 allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods.

Reference

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_55.00.jsp http://secunia.com/advisories/11359 http://securitytracker.com/id?1009766 http://www.kb.cert.org/vuls/id/352110 http://www.osvdb.org/5296 http://www.securityfocus.com/bid/10133 https://exchange.xforce.ibmcloud.com/vulnerabilities/15865