mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
112 lines
3.3 KiB
JSON
112 lines
3.3 KiB
JSON
{
|
|
"id": "CVE-2007-6384",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-12-15T02:46:00.000",
|
|
"lastModified": "2017-08-08T01:29:07.587",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad no especificada en la funcionalidad Image Converter de BEA WebLogic Mobility Server 3.3, 3.5, y 3.6 hasta la 3.6 SP1. Permite que atacantes remotos obtengan el fichero de solicitud y acceso a recursos, a trav\u00e9s de vectores sin especificar."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-287"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5A888C92-98AB-4364-8096-38E0601206B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F67944AC-7E54-49EC-896F-BCDB0A6F5089"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "75B86EF7-9EDE-494B-A8CE-A07E97CFE215"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bea:weblogic_mobility_server:3.6:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "19062190-0250-41AE-9B29-C8F4C497F06B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://dev2dev.bea.com/pub/advisory/255",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1019091",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/4204",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39005",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |