CVE-2005-4760

BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failures occur in authorization or role providers, which might prevent the servlet from being "fully protected."
References
Link Resource
http://dev2dev.bea.com/pub/advisory/151 Patch Vendor Advisory
http://secunia.com/advisories/17138 Third Party Advisory
http://www.securityfocus.com/bid/15052 Third Party Advisory VDB Entry
http://dev2dev.bea.com/pub/advisory/151 Patch Vendor Advisory
http://secunia.com/advisories/17138 Third Party Advisory
http://www.securityfocus.com/bid/15052 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp2:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp3:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp4:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:7.0:sp5:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:*:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp1:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp2:express:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
cpe:2.3:a:bea:weblogic_server:8.1:sp3:express:*:*:*:*:*

History

21 Nov 2024, 00:05

Type Values Removed Values Added
References () http://dev2dev.bea.com/pub/advisory/151 - Patch, Vendor Advisory () http://dev2dev.bea.com/pub/advisory/151 - Patch, Vendor Advisory
References () http://secunia.com/advisories/17138 - Third Party Advisory () http://secunia.com/advisories/17138 - Third Party Advisory
References () http://www.securityfocus.com/bid/15052 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/15052 - Third Party Advisory, VDB Entry

Information

Published : 2005-12-31 05:00

Updated : 2024-11-21 00:05


NVD link : CVE-2005-4760

Mitre link : CVE-2005-4760

CVE.ORG link : CVE-2005-4760


JSON object : View

Products Affected

bea

  • weblogic_server