CVE-2007-2696 Information

Description

The JMS Server in BEA WebLogic Server 6.1 through SP7 7.0 through SP6 and 8.1 through SP5 enforces security access policies on the front end which allows remote attackers to access protected queues via direct requests to the JMS back-end server.

Reference

http://dev2dev.bea.com/pub/advisory/228 http://osvdb.org/36073 http://secunia.com/advisories/25284 http://securitytracker.com/id?1018057 http://www.vupen.com/english/advisories/2007/1815 https://exchange.xforce.ibmcloud.com/vulnerabilities/34284